Search

Site navigation bar

Breadcrumb trail

Skala

Archived Content

Information identified as archived on the Web is for reference, research or recordkeeping purposes. It has not been altered or updated after the date of archiving. Web pages that are archived on the Web are not subject to the Government of Canada Web Standards.

New Media Copyright Extensions Would Harm Canada

Submission of Matthew Skala to the Intellectual Property Policy Directorate, Industry Canada, and the Copyright Policy Branch, Canadian Heritage, in response to the June 22, 2001 discussion papers.

Executive Summary (350 words)

The most important point made in this submission is that digital rights management (DRM) technology should not and cannot be protected by Canadian law. DRM should not be protected because such protection would harm Canadian policy goals; and DRM cannot be protected because such protection would be contrary to the Constitution. DRM has been protected by recent U.S. legislation, in particular the Digital Millennium Copyright Act (DMCA), with disasterous results; we urge Canada not to repeat the U.S. mistakes.

Copyright law originally existed to promote censorship of religious material. Later intellectual property protections attempted to serve the public good by encouraging creation of new work. Throughout history, copyright existed as a privilege created for policy reasons rather than as a natural right. At this time large corporations claim that sweeping expansion of copyright is necessary to protect the supposed natural rights of authors. We claim that those natural rights do not exist, and also that expansion of copyright would harm Canadian policy goals. Furthermore, freedom of expression is protected by our Constitution, and intellectual property is not, so freedom of expression must come first.

A "making available" privilege is unnecessary at this time and would create problems due to ambiguity. We strongly oppose legal protection of "digital rights management" (DRM) technologies. As well as failing Constitutional muster, protection of DRM would harm Canadian competitiveness by creating a "brain drain" to other nations with less oppressive rules. It could also harm privacy rights, and reduce accessibility for the disabled. Protection of "rights management information" is difficult because it is hard to separate from DRM. We also explore issues of Internet Service Provider (ISP) liability, and how the creation of "notice and take-down" regimes gives plaintiffs in copyright cases the ability to write their own temporary restraining orders without a judge.

We conclude with case studies of copyright overextension in the U.S.A., and some biographical notes and contact information. We urge Canada not to make the same mistakes as the U.S.A., not to overextend copyright privileges against the Constitution, and especially not to protect digital rights management technologies with poorly thought-out legislation.

Any discussion of copyright must begin and end with freedom of expression. As affirmed in the Canadian Charter of Rights and Freedoms, Section 2. b), everyone has the right to "freedom of thought, belief, opinion and expression, including freedom of the press and other media of communication". This freedom is guaranteed, in Section 1, "subject only to such reasonable limits prescribed by law as can be demonstrably justified in a free and democratic society" (emphasis added). Any law that could limit freedom of expression must then be so justified.

Legal protection of intellectual property has existed for more than four centuries, and during that time, it has been placed on three distinct foundations. We examine those three foundations in this section, each in its own historical context: first, intellectual property as a means for censorship and to promote an economic monopoly; second, intellectual property for the benefit of writers and other creators; and finally, intellectual property as a means of increasing the body of public domain material, for the common good. We then discuss some proposed changes to copyright law in Canada, and relate those changes to the historical foundations of intellectual property.

The concept of "copyright" originated in the tradition of English common law, most especially the charter of the Stationer's Company, issued by Queen Mary I in 1556. A monopoly on publication was reserved for a few selected master printers, all books published had to be recorded in a special register, and importation and sale of foreign books was prohibited. By entering the name of a work in the register, a publisher secured the exclusive privilege of publishing that work. The entry in the register was called a "copy", and the exclusive publication privilege was what became known as "copyright". There was no limit to the term of the privilege, and the legal entrenchment of it was merely a codification of the pre-existing "gentlemen's agreements" among members of the Stationer's Guild, which was already acting to protect its own monopoly on publishing.

The five volumes of A Transcript of the Registers of the Company of Stationers of London 1554-1640 A.D., edited by Edward Arber, privately printed in London in 1875, and reprinted by Peter Smith of Gloucester, Massachusetts in 1967, form an invaluable reference for the history of the Stationer's Company, and we draw heavily from them in what follows. First of all, let us consider the reasons for forming the Stationer's Company. It is clear that the Stationer's Guild sought legal backing for its unofficial monopoly in order to maximize its own profits; but Her Majesty's motives in granting that backing were somewhat different. Consider the following quote from the preamble to the Charter of the Company, translated by Arber from its original Latin.

Know ye that we, considering and manifestly perceiving that certain seditious and heretical books rhymes and treatises are daily published and printed by divers scandalous malicious schismatical and heretical persons, not only moving our subjects and lieges to sedition and disobedience against us, but also to renew and move very great and detestible heresies against the faith and sound catholic doctrine of Holy Mother Church, and wishing to provide a suitable remedy in this behalf[. . .] (Arber, volume I, page xxviii)

Queen Mary might well have worried about "sedition and disobedience", considering the circumstances of her own succession to the throne. Just a few years before the formation of the Stationer's Company, she had imprisoned and then executed her predecessor, Lady Jane Grey, who had reigned as Queen for only nine days at the age of seventeen after assuming the throne unwillingly under somewhat unusual circumstances. Although Mary was the popular favourite to be Queen, we could suppose that she would have cause to be concerned about the dissemination of certain ideas relating to the monarchy.

Furthermore, Mary was known as an enthusiastic Roman Catholic. She was notorious for burning Protestants at the stake, a habit which earned her the nickname "Bloody Mary". She issued proclamations against books critical of the Catholic Church, for instance on June 13, 1555 (Arber, volume I, page 52), naming a long list of forbidden books and authors and authorizing searches of the homes of suspected holders of those books; and on June 5, 1558 (Arber, volume I, page 92), which we quote almost entirely here:

Whereas dyuers bokes filled bothe with heresye, sedityon and treason, haue of late, and be dayly broughte into thys Realme, oute of forreine countries and places beyond the seas, and some also couertly printed within this Realme, and cast abroade in sondrye partes thereof, whereby not onely God is dishonored, but also an encoragemonte giuen to disobey laweful princes and gouernors. The Kyng and Quenes Maiesties, for redresse hereof, by this ther present proclamation declare and publyshe to all their subiectes that whosoeuer shal after the proclaymyng hereof, be founde to haue any of the sayde wycked and seditious bokes, or finding them, doo not forthwith burne the same, without showing the readyng the same to anye other person, shall in that case be reputed and taken for a rebell, and shall without delay be executed for that offence accordynge to th ordre of marchall lawe.

In the reprinted Arber book, this is described as a proclamation in which Mary "fairly out-Herods Herod; and clearly shows from what extremities of misery England was delivered by [her] death in the following November." But full deliverance was slow in coming, because on November 10, 1559 Queen Elizabeth I issued a Confirmation of the Stationer's Company Charter, reaffirming everything in it (Arber, volume I, page xxxii).

The practice of banning and burning "seditious" books continued, as shown for instance in a Star Chamber Decree of June 29, 1566 (Arber, volume I, page 322). The Decree prescribed forfeiture of the offending books, three months imprisonment, and a permanent suspension of the right to print books, for anyone guilty of printing banned books. That Decree also gave officers of the Stationer's Company comprehensive police authority to search and inspect warehouses, bookshops, and almost everywhere else, in seeking violations of the prohibition.

One such search was conducted February 21, 1569, of the study of one John Stowe, and an account of the search including a "Cataloguy of such vnlawfull bookes as [the searchers] found" is presented by Arber (volume I, pages 393-394). With the new Queen, the official position on religion had changed, and the "vnlawfull bookes" were primarily those promoting Roman Catholic doctrine. Eight days later, on March 1, 1569, Elizabeth issued a proclamation (Arber, volume 1, page 430) setting out a twenty-eight day grace period for her subjects to turn over forbidden books to the local religious authorities, "vpon payne of her Maiesties greeuous indignation" and severe punishment to be determined on a case by case basis.

Sterner measures, including indefinite imprisonment for keepers of seditious books, were prescribed in a Proclamation issued July 1, 1570 (Arber, volume I, page 452). That Proclamation included a number of interesting details, including a special provision for how an illiterate person ought to deal with books of unknown content, and a "safe harbour" provision to protect and reward finders of seditious material in exchange for their cooperation in apprehending others.

We note two more items from this era. First, several notes from June 1599 (Arber, volume III, pages 677-678) describe the banning and burning of a list of books including the suggestive titles Marriage and wyving and 15 Joyes of marriage, which suggests that by this time the censorship, originally political and religious, may have spread to issues of public morality as well. Naturally, the two books mentioned are not available for modern-day examination as to their nature. Finally, a curious memorandum from July 14, 1617 (during the reign of King James I) is reproduced below in its entirety.

MEMORANDUM That I Gervase Markham of London gent Do promise hereafter Neuer to write any more book or bookes to be printed, of the Deseases or cures of any Cattle, as Horse, Oxe, Cowe, sheepe, Swine and Goates &c In witness whereof I haue herevnto sett my hand the 14th Day of Julie. 1617./

Geruis Markham

(Arber, volume III, page 679)

Why such a promise would be important is not clear. The memorandum seems reminiscent of the promises extracted from this author and Eddy Jansson in the course of the cp4break affair described below. We can only guess at the events leading up to the recording of that item; nonetheless, it seems useful as evidence that by the Seventeenth Century, censorship administered by the Stationer's Guild had spread to a wide range of topics.

It is clear that censorship for political, religious, and other purposes was the Royal rationale for legal recognition of intellectual property privileges in the days of Queens Mary and Elizabeth I. Such censorship is not a highly valued goal of present-day Canadian law; indeed, it is anathema to the "free and democratic society" mentioned in Section 1 of the Charter of Rights and Freedoms, and to the principles embodied in several other places in our Constitution. The final words for this subsection are quoted from a single extremely long-winded sentence in Arber's introduction to the reprinted Registers:

It may therefore be a most worthy study [. . .] to trace the gradually encroaching power [. . .] gagging the press, as a means of fettering and regulating the human mind; to trace with delight the inevitable reaction from such coercion in secret printing; [. . .] pointedly to mark out the secretly printed books [. . .] as so many effective protests against the edict of mere coercive Authority, 'Thou shalt not say,' or as it is sometimes also insolently, though in vain, reached forward to realize, 'Thou shalt not think for thyself.' (Arber, volume I, page xv)

A document popularly called the Statute of Queen Anne or, more fully, An Act for the Encouragement of Learning, by Vesting the Copies of Printed Books in the Author's [sic] or Purchasers of Such Copies 8 Anne, c. 19 (1709), is widely regarded as the first "modern" copyright law. Some commentators even describe this statute as the first copyright law of any kind, although as described above, the Charter (and before that, the unofficial practices) of the Stationer's Company represented an earlier form of intellectual property protection.

What makes the Statute of Queen Anne "modern" is its relatively enlightened purpose. Bloody Mary's intellectual property laws were clearly intended to support censorship of religious and political books, and embraced by the publishers because of the economic monopoly they conferred. The purpose of the new law, enacted in 1709 and coming into force in 1710, is described by this quote from its preamble:

Whereas printers, booksellers, and other persons have of late frequently taken the liberty of printing, reprinting, and publishing, or causing to be printed, reprinted, and published, books and other writings, without the consent of the authors or proprietors of such books and writings, to their very great detriment, and too often to the ruin of them and their families: for preventing therefore such practices for the future, and for the encouragement of learned men to compose and write useful books[. . .]

So with this Statute the emphasis shifted considerably, from protecting the political interests of the Throne and the publisher's monopoly, to supporting creators of literary works. There is also the added goal of "the encouragement of learned men to compose and write", which foreshadows the early U.S. theory of copyright we shall discuss in the next subsection. Even with the focus on the authors, however, it is not clear that this Statute claims copyright to be anything other than an artificially-created legal privilege. The theory of absolute control as the natural God-given right of creators did not arrive until much later.

There are several other provisions we should like to highlight in the Statute of Queen Anne. The Stationer's Company was allowed to retain its monopoly for another 21 years on the books already in its register, evidence that even in the Eighteenth Century, the publishing cartel had political power to influence lawmaking. That register was to remain in use for new works also, but now merely as a means for privilege holders to record and thereby secure their privileges, which were to last 14 years from first publication. There is no mention of censorship, or language against "sedition and heresy", in the Statute. On the contrary, the clerk of the Company was required to accept all new listings, with a fine of twenty pounds for failure to do so. Other provisions against the Stationer's Company monopoly include a procedure for buyers of books to complain about excessively high prices and a long list of officials authorized to force a reduction in price in such cases.

Another interesting item is a special consideration for universities. This provision could be seen as a forerunner to the modern idea of "fair dealing" for academic and educational purposes. In the Statute of Queen Anne the special position of the academic community is acknowledged as follows:

IX. Provided, That nothing in this act contained shall extend, or be construed to extend, either to prejudice or confirm any right that the said universities, or any of them, or any person or persons have, or claim to have, to the printing or reprinting any book or copy already printed, or hereafter to be printed.

The third major foundation for intellectual property protection comes from a desire to reward authors, not primarily for their own benefit (as in the Statute of Queen Anne) but to provide an incentive for creation of new work for the public good. This foundation was enshrined in law in the Constitution of the U.S.A., which went into effect in 1789. It is this foundation that we consider the most appropriate basis for copyright law today. Obviously, we should prefer to use the Canadian Constitution as a source; but there is no intellectual property protection in the Canadian Constitution. That issue is discussed later.

The U.S. Constitution empowers Congress (their approximate equivalent of Parliament) "[t]o promote the progress of science and useful arts by securing for limited times to authors and inventors the exclusive right to their respective writings and discoveries." (Article I, Section 8, Clause 8, usually called "The Copyright Clause".) This clause is noteworthy because it singles out intellectual property as something about which Congress can and should make laws, worthy of note in the Constitution. That section includes, in sequence, six clauses about financial powers, one each for establishing a postal system, intellectual property protections, and a court system, a clause respecting piracy on the high seas, six clauses about military powers, and finally two clauses granting general powers over Federal lands and lawmaking. That they mentioned intellectual property on this list, and before such important matters as the court system and the military powers of Congress, speaks for how important these people considered "the progress of science and useful arts".

The Copyright Clause is also noteworthy for what it does not say. The framers of the U.S. Constitution were people who had no qualms about characterizing some rights as God-given or inalienable; their proceedings are full of that kind of rhetoric. But they did not so describe the form of intellectual property protection created by their Copyright Clause. On the contrary, they gave Congress the power to enact intellectual property protections only "for limited times" and "[t]o promote the progress of science and useful arts", clearly indicating that they understood copyright as a privilege created by the law for the specific purpose of encouraging creators, not as a natural right needing only to be acknowledged and protected by the law.

The status of intellectual property as an artificial privilege created for policy reasons is well described in a letter of Thomas Jefferson to Isaac McPherson dated August 13, 1813. The strong language of this letter becomes more than slightly ironic when considered in light of more recent U.S. copyright history, discussed in the next subsection of our submission.

It has been pretended by some, (and in England especially,) that inventors have a natural and exclusive right to their inventions, and not merely for their own lives, but inheritable to their heirs. But while it is a moot question whether the origin of any kind of property is derived from nature at all, it would be singular to admit a natural and even an hereditary right to inventors. [. . .] If nature has made any one thing less susceptible than all others of exclusive property, it is the action of the thinking power called an idea, which an individual may exclusively possess as long as he keeps it to himself; but the moment it is divulged, it forces itself into the possession of every one, and the receiver cannot dispossess himself of it. Its peculiar character, too, is that no one possesses the less, because every other possesses the whole of it. He who receives an idea from me, receives instruction himself without lessening mine; as he who lights his taper at mine, receives light without darkening me. That ideas should freely spread from one to another over the globe, for the moral and mutual instruction of man, and improvement of his condition, seems to have been peculiarly and benevolently designed by nature, when she made them, like fire, expansible over all space, without lessening their density in any point, and like the air in which we breathe, move, and have our physical being, incapable of confinement or exclusive appropriation. Inventions then cannot, in nature, be a subject of property.

Jefferson goes on to describe how a limited monopoly (i.e. copyright) may be desirable as a matter of public policy to encourage innovation, "but, generally speaking, other nations have thought that these monopolies produce more embarrassment than advantage to society[.]" So it is clear that one of the same issues we find interesting, of whether copyright is a natural right or a formal privilege created for policy reasons, was an issue of interest even in 1813; and even then, people like Jefferson were drawing the same conclusions we draw. Recall that copyright was always used to promote public policy: first the policy of censorship in the reigns of Mary I and Elizabeth I, then in 1709 the pleasanter-sounding goal of rewarding creators set forth in the Statute of Queen Anne. But even in that Statute, one stated purpose was "for the encouragement of learned men [and women!] to compose and write useful books", for the public good. Copyright was not historically designed as a protection of some God-given natural right to control creation.

Copyright took on new meaning in the Twentieth Century as technological developments made possible copying of work on a large scale by end-users. Also, the introduction of technology for recording audio and video made copyright on works other than books far more relevant. One significant development, the Berne Convention of the 1970s, represented an effort to standardize intellectual property protections globally. Note that the Berne Convention extended copyright to the life of the original author plus 50 years, far more than the fourteen years from publication prescribed by early legislation like the Statute of Queen Anne.

The introduction of the video cassette recorder (VCR) was also significant, for its transformation of how the public consumed motion pictures. Video cassette recorders sparked the famous Betamax lawsuits (1976-1984), described amusingly on the (http://www.sony.co.jp/en/Fun/SH/1-14/h2.html) Web site of the Sony corporation as a series of cases in which "consumers won the right to freely enjoy video tape recorders at home." Sony, the manufacturer of Betamax VCRs, was sued by major holders of television copyright privileges on the theory that by selling equipment capable of recording television shows, Sony was aiding infringement of the copyright privileges in those shows. After years of legal proceedings, the fair dealing rights of consumers to tape shows for later viewing were eventually upheld. How ironic that a few years later, Sony would become a leading member of the Secure Digital Music Initiative, arguably dedicated to preventing consumers (by means of DRM technology) from freely enjoying digital audio recorders at home.

In the 1980s and 1990s, home computers became a significant force, and they raised new copyright issues. Computers as copying machines captured very little attention when home computers existed essentially in isolation, with physical exchange of diskettes the only means for copying data from one machine to another. The hard-fought war of the 1980s, between computer hobbyists and manufacturers of "copy protection" software, attracted almost no attention outside the computing community. But in the 1990s, when a larger segment of the public began using computers and modems and the Internet allowed computers to exchange data much more efficiently, consumer copying of digital media (especially music) became a significant issue.

The U.S. Digital Millennium Copyright Act (DMCA), passed in 1998 with its enforcement suspended for the first two years pending review, is well known to the copyright reform community. For our purposes, the most interesting aspect of the DMCA is its criminalization of "trafficking in [DRM] circumvention devices". As cases like SDMI Challenge show, such "trafficking" is considered to include things like academic conference presentations, and other activities not previously viewed as criminal.

Less relevant to new media but also interesting is the Sonny Bono Copyright Term Extension Act, also passed in the U.S. in 1998, in which many copyright terms in the U.S. were extended to 20 years beyond the Berne Convention limit. (The name derives from the late U.S. Congressman Sonny Bono, who died shortly before the law was introduced and had no other connection to it.) Some commentators have speculated that this extension was motivated primarily by lobbying from the Walt Disney Corporation, attempting to keep its monopoly on the Mickey Mouse character. The first Mickey Mouse cartoon's copyright would otherwise have expired in 2003. This law is of interest as an example of how corporate interests can create a call for otherwise-unnecessary "reforms". It is hard to imagine how the extension, flying in the face of international treaty provisions, could "promote the progress of science and useful arts", the supposed justification for copyright under the Copyright Clause of the U.S. Constitution.

Both extensions are instead put forward on a different justification: the idea that copyright is a natural right of authors to control their works. Existing copyright laws exist to protect this natural right, so the claim goes, and new technology represents a new threat, demanding expansion of the privileges in the copyright bundle in order to compensate. That line of reasoning is supported by the popular misconception that copyright is a right because the word "copyright" includes the word "right". It is evident in rhetoric about "pirates" who "steal" copyrighted work; any talk of theft implies that the thing being stolen was susceptible to being owned in the first place.

But that was never the basis for copyright law, and as discussed in the previous section it was explicitly rejected, for instance by Jefferson, during the time when existing copyright laws were framed. Previous copyright laws were always based on the idea of a legislated privilege created where no natural right exists. Enough time has elapsed since the origins of copyright law that today few people remember exactly where it came from. So in the two U.S. copyright extensions of 1998 (the DMCA and Sonny Bono laws), we see a fourth justification for copyright: as a protection for some natural right against the forces of evil embodied in new technology.

The most interesting developments since 1998 have been driven by court cases, also mostly based in the U.S. but sometimes (as in cp4break and the Sklyarov case) dragging in citizens of other countries. Those two and several other cases are described in our section of case studies below. One common thread in such cases is the extension of U.S. copyright law to cover matters not formerly considered to implicate copyright, such as the publication of critical reviews. Another common thread is the extension, again, of U.S. copyright law to cover people not formerly covered by U.S. law at all, such as Canadian citizens working in Canada. We claim that such extensions are extremely dangerous to Canadian values. Thus the title of the present submission: New Media Copyright Extensions Would Harm Canada.

The attack on Canadian sovereignty in copyright law may proceed through many channels, including:

Lobbying by large U.S. corporations for "reforms" to Canadian law, on the theory, somewhat resembling blackmail, that privilege holders will be unwilling to release new music and motion pictures in Canada without stronger "protection".

Calls for protection of privilege holders' natural rights. See discussion below of whether copyright privileges can be called natural rights.

Pressure to interpret the WIPO treaty requirements (not yet ratified in Canada anyway) in the most restrictive way possible, as has been done in the U.S.A.

Intellectual property additions to other treaties, for instance the controversial Free Trade Area of the Americas (FTAA) treaty. See the Electronic Frontier Foundation's (http://www.eff.org/alerts/20010816_eff_ftaa_alert.en.html) action alert on this matter.

As we enter the Twenty-First Century, the situation facing Canadians is that we are beset on all sides by powerful interests seeking to promote the concept of copyright as a natural right, in order to return copyright law to its Sixteenth-Century origins: the absolute monopoly enjoyed by the Stationer's Company in the time of Bloody Mary. We urge the Departments to learn from the mistakes of history instead of repeating them. Copyright should not be bent into a tool for monopolistic corporations to make even more money, especially not at the cost of Canadian sovereignty; it has a much more important purpose to serve. Copyright should be a support, not a limit, to the freedom of expression promised by the Canadian Constitution.

In this section we present some observations about copyright law as it relates to Canada, noting similarities to earlier policies mentioned in the historical section above. The first two observations are general in nature: we note that computer software, like everything else covered by copyright, is necessarily also protected as freedom of expression; and we note that copyright is properly described as a privilege rather than a true right, since it has no Constitutional protection in Canada. These two points combine to support what is probably the most important issue of our submission: that no legislative protection of "digital rights management" technologies is appropriate.

For interest's sake we should like to quote a characterization of the Aboriginal attitude toward ownership of folklore, from the Government's own discussion paper A Framework for Copyright Reform: "The creators of folklore see their work as gifts that no longer belong to their creators once they are shared with the community." We suggest that that analysis should be applied across the board, not just to folklore. There is no relevant difference between folklore and any other copyrightable material. All creative work should be considered primarily as a contribution to our cultural framework and only secondarily as a tool for its creator to make money.

Let us begin with a simple observation. This point should be so obvious as to be beneath mention, but it has been forgotten in some recent debates on copyright and so we reiterate it here: Computer software is a form of expression and therefore protected by the "freedom of expression" guarantee in the Charter of Rights and Freedoms. This question will become relevant in discussing some of the case studies later in this submission; we shall argue that researchers who make statements by publishing computer software should have their actions protected by freedom of expression.

Computer software is a form of written language used by human beings to communicate with each other and to control computers. People called programmers create software by writing lists of instructions describing in detail the functions desired. Those instructions are called "source code". In some cases the source code may be directly executed by a computer, following the instructions one by one; in other cases the source code may be translated to another form called "object" or "binary" code, which is then used by the computer. Translation in the reverse direction is sometimes possible and useful, but usually difficult and not often attempted. Programmers often communicate with each other by exchanging source code, since it provides a convenient medium for expressing ideas relating to computer programs.

Our use of words like "write" and "communicate" is not a metaphor: creation of computer software really is the same kind of act, done with the same general kinds of tools and skills, as creation of books, letters, and other writings. The fact that most Canadians may not be able to read and understand software is no more relevant than the fact that most Canadians may not be able to read and understand a letter written in Inuktitut: both are nonetheless forms of expression and fully protected by the Canadian Charter of Rights and Freedoms.

There are different languages for software (such as C, Perl, and Java) in much the same way that there are different languages for other forms of writing (such as English and French). Software can even be written in languages that are derived from, or subsets of, natural languages like English and French. Since source code can sometimes be executed directly, and object code can sometimes be written directly by human beings instead of through a mechanical translator, the names "source code" and "object code" are approximate at best. Basing policy on a distinction between the two would be a dicey proposition, notwithstanding that some court decisions in the U.S.A. (citations below) have attempted to make such a distinction.

There have been relatively few court decisions on the protection of software as free expression in Canada. Although we certainly do not recommend the wholesale and automatic adoption of U.S. policy here, we would like to mention two court cases: (http://www.eff.org/bernstein/Legal/19990506_circuit_decision.html) Daniel J. Bernstein v. U.S. Department of Justice et al. and Peter D. Junger v. William Daley et al. In both cases, the courts (namely the U.S. Courts of Appeals for the Ninth and Sixth Circuits respectively) were willing to recognize computer source code as a form of speech. They drew a distinction which we consider inappropriate, between source and object code based on the greater "functional nature" of the latter; but the U.S. courts surely acknowledged source code at least, as speech protected under the First Amendment, their equivalent to the free expression guarantee of our Charter.

There is another reason to regard computer software as a form of expression, both in source and object code form: computer software is covered by copyright and protection of expression for the public good is the raison d'être of copyright. It is clear from the legislative history that copyright does protect computer software and that this is no accident. The Canadian Intellectual Property Office's own Web site includes a timeline describing how in 1988 the Copyright Act was amended to specifically clarify that it does protect computer software.

The protection of software by the Copyright Act is now enshrined in the definitions of Section 2 of that Act, which definitions mention that the term "literary work" includes computer programs. The Act's definition of "computer program" makes no mention of the (difficult) source versus object code distinction; indeed, it uses the language "a set of instructions . . . to be used directly or indirectly in a computer" (emphasis added), which suggests an intended application to both source and object code. Trivially, anything defined in law as a "literary work" ought to be worthy of Charter "freedom of expression" protection.

We also note that the Copyright Act does not disclude computer programs or anything else from copyright protection solely because of the "functional nature" criterion proposed in the U.S.A., and we suggest that the burgeoning computer software industry would be eager to argue for its position as a "copyright-based industry" under the definition used in the discussion papers. Consider, for instance, cases like the Cyber Patrol reverse engineering case described later in this document; the plaintiffs most assuredly wanted to claim that the software was covered by copyright, and the courts entertained that idea.

Anything that can be copyrighted must be a form of expression and protected by the Charter. Software can be copyrighted. Therefore software is a form of expression and protected by the Charter. Claims that software does not deserve Constitutional protection, coming from the same industry so loudly calling for expansion of copyright protection, seem disingenious at best.

Freedom of expression is Constitutionally protected in Canada, intellectual property is not, and that could be the end of the debate right there. In the U.S.A., copyright and similar laws derive from the "Copyright Clause" in Article I, Section 8 of that nation's Constitution, which specifically empowers Congress "[t]o promote the progress of science and useful arts by securing for limited times to authors and inventors the exclusive right to their respective writings and discoveries." That power must be balanced against the requirement of the First Amendment that "Congress shall make no law . . . abridging the freedom of speech or the press[.]" The ongoing and extremely heated debates over copyright law in the U.S.A. centre largely on how to balance these two sometimes conflicting imperatives.

In Canada, the situation is different because we have only one side of that balance. In Canada we have something like the First Amendment, in section 2. b) of the Charter. But we have nothing like the Copyright Clause. In all the various Acts of the English Parliament, Accords, and other documents making up the Canadian Constitution, there is no specific mention of exclusive privileges to intellectual property. We might believe that intellectual property laws are good for Canada, and so their existence could be justified by the more general powers of Canadian Parliament. Perhaps copyright could also be supported by the broad tradition of English common law on which Canadian law is based. But the explicit Constitutional guarantee of freedom of expression must carry a great deal of weight when compared to such implicit justifications. From the point of view of the Canadian Constitution, freedom of expression exists and copyright does not. In a conflict between the two, freedom of expression must come first.

Why do we as a society tolerate the existence of copyright laws at all? Surely everyone has the natural right to talk about any ideas they may encounter; everyone has the natural right to write words on paper and create mathematical structures such as computer programs. These acts do not suddenly become immoral just because somebody else wrote the same words first. Parents do not literally own their children, slavery being illegal in Canada; neither do creators literally own their work. How can something intangible be owned in the same way that inanimate physical objects can be owned? It would appear that despite its name, "copyright" is not a natural right. Why, then, does it exist?

The answer is that copyright per se falls under the exemption of Section 1 of the Charter. We, as a society, have agreed that copyright law in its current form is a "reasonable limit . . . demonstrably justified in a free and democratic society". Everyone benefits from the existence of publicly-available creative work. In order to encourage the creation of such work, we create an artificial incentive. In return for creating and publishing creative work, society gives creators a bundle of special privileges called "copyright". Some of those privileges, for instance the privilege of restricting duplication of a work, run counter to freedom of expression. Privileges under copyright law can only be granted to the extent that they encourage creation of new work, and (for copyright privileges that restrict others' expression) to the extent that creation of new work is more important than freedom of expression.

We emphasize that copyright is a bargain: creators get extra privileges (especially privileges to restrict use of creative work) which they would not enjoy under natural law, in exchange for making their work publicly available. If privilege holders attempt to keep the work to themselves, applying to it the kind of "ownership" that one might have over physical possessions, then they are breaking the terms of the bargain and should forfeit their copyright privileges. Copyright is not a natural right like the natural rights of Section 2 of the Charter; copyright is an artificial construction created in violation of Section 2, under the "reasonable limits" exemption of Section 1. Copyright can only exist to the extent that it remains a reasonable limit.

This analysis of copyright as an artificial privilege may seem novel and bizarre to readers accustomed to thinking of copyright as a natural or "God-given" right. We contend that our analysis is the correct one. From copyright's beginnings in the Sixteenth Century, through to the Nineteenth Century commentary of Jefferson, copyright was recognized as an administrative creation. Right from the beginning, the Stationer's Guild (and similar monopolies in the New World) acted primarily for its own economic gain, and it is clear that as early as 1813 monopolistic publishers were crying "Protect the natural rights of authors!" as an excuse for legal entrenchment of their practices. Recall also the comments of Arber in 1875 on the dangers of censorship, quoted more fully earlier: "the gradually encroaching power [. . .] gagging the press, as a means of fettering and regulating the human mind[.]" It speaks poorly for the Twentieth Century that in that time such demands were occasionally taken seriously by policy-makers; let us leave that mistake behind as we enter the Twenty-First Century.

The section on legal protection of digital rights management (DRM) technologies in the Consultation Paper on Digital Copyright Issues makes clear that the Departments are already aware of some of the problems with DRM technology; a good thing, because we consider the issue of DRM protection to be the most important one facing copyright reformers at this time. One of this author's colleagues, a graduate student of computer science from Russia, was held for three weeks without bail in a U.S. Federal jail as a result of that nation's misguided Digital Millennium Copyright Act. His "crime" apparently consisted of presenting a lecture on his thesis research. (This is the Sklyarov case described below.) We are reasonably confident that such a thing could not happen in Canada today; we hope that will continue to be true in the future.

The most important single purpose of this entire submission is to make clear that legal protection of DRM technologies would be a singularly bad thing for Canada and Canadians in the long and short term. In particular, we wish to emphasize what a dramatic "shift in Canadian copyright policy" protection of DRM technologies really would entail. Such protection would indeed, just as the Departments suggest, "transform a measure designed for protection into a means of impeding legitimate uses". (Both quotes are from the Consultation Paper.)

First, some background. There are two kinds of restrictions a privilege holder might want to make on use of copyrighted material. First, the privilege holder might want to enforce the kinds of limitations currently described by copyright law. For example, the manufacturer of a video movie might want to prevent customers from selling homemade copies of the movie. The author of a book might want not to have an extensively modified version appear as his or her work. This first kind of restriction seems to be in the public interest: by allowing privilege holders to restrict commercial distribution of the work they sell, and by maintaining the truthfulness of the label as to who wrote what, society creates an incentive for the creation of things like books and movies, and the existence of those things benefits the public.

There is a second kind of restriction that a privilege holder might want to make, however: the privilege holder might want to limit use or distribution in a way not permitted by the present copyright law. For instance, the manufacturer of a video movie might want to prevent customers from watching the recording in a city where it had not yet been officially released. The publishers of a piece of computer software might want to prevent the publication of a review containing a negative opinion about the software. (See the discussion of Cyber Patrol, below, for a concrete example.) These restrictions are not in the public interest. Simple property rights (as to physical objects, not the illusionary "intellectual property") dictate that a customer who legitimately buys a tangible recording should be able to use it anywhere; and the right to publish honest reviews of consumer products is fundamental to the free market.

Digital rights management (DRM) and similar technologies restricting copying and use of copyrighted work are inherently content-neutral. These technologies can help enforce the first kind of restriction, and thereby help the public good. But these restrictive technologies can also help enforce the second kind of restriction, and harm the public good, serving only the interests of the privilege holders. At this time privilege holders are demanding sweeping legal entrenchment of all DRM regardless of its underlying purpose, with penalties for circumvention or even discussion of circumvention. They claim that such entrenchment is necessary in order to secure the public good of the first kind of restriction and maintain the status quo with respect to copyright.

We claim that if DRM technologies were supported with legislation, then privilege holders would in fact use these technologies primarily to secure the second, inappropriate, kind of restriction, to the incalculable harm of the public good. In this report, we document some examples of attempts to use legally-entrenched "new media copyright" for enforcing other restrictions far beyond classical copyright, to the detriment of the public good. These additional restrictions take the form of restrictions on freedom of expression and thus directly implicate the Constitution. Because protection of DRM would infringe the rights guaranteed in the Canadian Charter of Rights and Freedoms, we suggest that the appropriate level of legal protection for DRM is "none at all". Some additional problems with DRM, relating to privacy and to accessibility for disabled persons, are described in the Q&A section below.

Even if we accepted as a legal fiction the idea that there was no conflict between protection of DRM and the freedom of expression guarantee in the Canadian Charter of Rights and Freedoms, even if we agreed that the Government had the Constitutional power to protect DRM against the dissemination of circumvention software, then it would still not be in the Government's interests to use that power. Protection of DRM is an undesirable policy as well as being not Constitutional. If Canada had something like the U.S. DMCA, Canada would become a less attractive place to do research; so research that might be done in Canada would be done elsewhere instead.

Loss of researchers (a copyright-law-driven "brain drain") is not a hypothetical concern. Consider, for instance, that Alan Cox, a noted contributor to the highly successful Linux computer operating system, resigned his position with Usenix ALS, a major technical conference in the U.S., because after the Sklyarov arrest, he feared for his own freedom should he travel to the U.S.A. As he said in his letter to the conference organizers and media, quoted in his declaration for the Felten case, "it has become apparent that it is not safe for non US software engineers to visit the United States." It is unknown how many other researchers have chosen to join Cox's proposed boycott, but his letter was widely distributed and highly regarded in Internet technical circles.

The present author, Matthew Skala, chose not to apply to the PhD programs of any U.S. universities, partly for similar reasons (although that was long before the Sklyarov case began). Instead he applied to four Canadian universities and got acceptances from every one of them, eventually choosing the University of Waterloo; if we had a DMCA in Canada, then Canadian universities would look much less appealing both to Canadian and foreign students. The existence of DMCA-type legislation in any nation will certainly have the effect of driving away research and researchers, to the obvious detriment of that nation's technological competitiveness.

It would be foolish to promote the recorded music and movie industries (whose executives are seldom out begging on the streets due to the supposed piracy epidemic) at the cost of stifling any further development in computer technology by making researchers unwelcome. Again we emphasize that this is not hypothetical or unusual: there are numerous actual cases of scientists threatened or prosecuted for doing research, under the provisions of "new media" copyrights (including the cp4break, Sklyarov, DeCSS, SDMI Challenge, and :CueCat cases), and it is the almost universal feeling among workers in these fields that the DMCA is something worrisome and threatening.

A column printed in IEEE Spectrum, the flagship publication of one of the major international professional organizations for scientists and engineers in the computing field, the June 2001 issue, page 9, discusses the DMCA and the SDMI Challenge case, points out that even software claimed to be directly threatening to U.S. national security is not prohibited in the way that "circumvention devices" are prohibited by the DMCA, and asks "Does the recording industry really need - or deserve - greater legislative protection than the U.S. National Security Agency or U.S. Central Intelligence Agency?" The answer of high-tech professionals is clearly a resounding "No!"

As one final argument against DRM which, although hardly necessary on top of our previous arguments, is simply too entertaining to leave out, we should like to cite the science fiction story The Right to Read by Richard Stallman. This first appeared as an article in the February 1997 issue of Communications of the ACM, which is the flagship publication of the other major international professional organization for scientists and engineers in the computing field. We strongly recommend reading the entire story, but will close this subsection with a brief quote:

Aside from the fact that you could go to prison for many years for letting someone else read your books, the very idea shocked him at first. Like everyone, he had been taught since elementary school that sharing books was nasty and wrong - something that only pirates would do.

The above was published in Communications of the ACM in February 1997, as fiction. In July 2001 it became non-fiction, when Dmitry Sklyarov was jailed for sharing books. We hope that he will not stay there for "many years", and that Canada will not be turned into Stallman's Dystopia by the modern-day incarnations of Bloody Mary's Company of Stationers.

Q: 1. How would a "making available" privilege affect the balances among the various copyright interests?

A: Giving creators an additional privilege to sell obviously gives them one more way to make money from their work and so could be seen as an advantage for them. For publishers, "record labels", and similar stakeholders, a making available privilege appears neutral: finer divisions within the copyright "bundle" allow for more narrowly-tailored business dealings but also can reduce the publisher's options should they change their business model. For the public, the existence of a making available privilege may have some spin-off benefits from the benefits accruing to creators and publishers, but is likely to be detrimental because of the increased confusion as to who is allowed to do what when.

Q: 2. In which respects might such a privilege require limitations or be subject to exceptions?

A: The making available privilege as proposed raises issues because it is not clear what "on demand" means. For instance, some music publishers are considering (or even test-marketing) systems for "electronic delivery" of audio recordings, where a customer pays a fee, downloads a file, and then can listen to it at their leisure, as many times as desired. The concept is that this process is analogous to buying a recorded CD, except that there is no physical object delivered. Is that "on demand communication" for the purposes of the proposed making available privilege? It is intended as a direct replacement for the existing process of buying a CD in a store or by mail order, a process which is surely covered by the reproduction privilege; but the virtually-instant delivery offered by a fast computer network gives it a definite "on demand" flavour.

Similarly, what of a library that places its collections online and allows people to electronically check out and return books or audio recordings, virtually instantly over the Internet? Is that "on demand communication"? It is communication that happens on demand, so the answer appears to be trivially "Yes". Will the library find that its existing rights to lend materials to the public no longer apply with electronic delivery? Should libraries be exempt, and if so, how shall we define "library"?

Making available is described in the consultation paper especially as something of interest for sound recordings. But cases like the MathWorld case below suggest that making available may be an interesting concept in regard to other kinds of materials, too. Rather than attempting to sort out these kinds of issues, we suggest that it is inappropriate to attempt to design a making available privilege at this time. The existing legislation is serviceable as it stands on this point; when the technological situation has matured further, it will be easier to make the correct decisions about making available.

Q: 3. In which respects do existing privileges, e.g., the reproduction privilege, fail to provide a measure of control which is comparable to a distinct "making available" privilege?

A: This question presupposes that some "measure of control" would be appropriate; a point we are not ready to concede. Understanding, however, that we do not necessarily agree with privilege holders: some holders of copyright privileges may want to prevent some uses of creative work that are currently covered by "fair dealing" and free expression. For instance, holders of privileges on music played by online "radio stations" might wish to prevent listeners from recording the broadcasts for later listening, an activity currently protected by law. If the recording and listening occurred on two different computers, with a network between them, then a making available privilege might help copyright holders prevent this form of fair dealing.

Q: 1. Given the rapid evolution of technology and the limited information currently available regarding the impact of technological measures on control over and access to copyright protected material, what factors suggest legislative intervention at this time?

Legislative intervention to protect technological measures is only suggested by the financial interests of the large corporations calling for such intervention, the modern incarnations of the monopolistic Stationer's Guild as it existed in Bloody Mary's time. Even if legislative intervention to protect technological measures may be indicated at some time in the future, and we suggest that it never will be because the essential issues have not changed in almost 450 years, such intervention is not appropriate now, precisely because of "the rapid evolution of technology and the limited information currently available regarding the impact of technological measures".

Q: 2. Technological devices can be used for both copyrighted and non-copyrighted material. Given this, what factors should be considered determinative in deciding whether circumvention and/or related activities (such as the manufacture or distribution of circumvention devices) ought to be dealt with in the context of the Copyright Act, as opposed to other legislation?

A: Any act with an expressive component, regardless of its possible "functional nature", must be evaluated with the freedom of expression guarantee of the Canadian Charter of Rights and Freedoms uppermost in mind. This especially includes the publication of computer software for circumvention of technological measures, since such publication is so often done for important expressive purposes of research or political comment. Recall that copyright in its modern form exists to encourage, not to restrict, free expression, as mentioned for instance in the Copyright Clause of the U.S. Constitution which puts forward intellectual property protection "[t]o promote the progress of science and useful arts" and in the title of the Statute of Queen Anne, which begins "An Act for the Encouragement of Learning". Copyright ought never to stand in the way of scientific research. "New media" copyright extensions have stood in the way of scientific research in the cp4break, Sklyarov, DeCSS, and SDMI Challenge cases (and no doubt others as well).

Q: 3. If the government were to adopt provisions relating to technological measures, in which respects should such provisions be subject to exceptions or other limitations?

A: The right to circumvent technological measures should not be subject to exceptions or other limitations. Anyone who circumvents technological measures in order to commit an illegal act can be prosecuted for the illegal act already. A law against circumvention per se would be unnecessary and harmful to the Government's and the public's interests, even if designed to target only circumvention for illegal purposes..

Q: 4. Are there non-copyright issues, e.g. privacy, that need to be taken into account when addressing technological measures?

A: Yes. Technological measures may well implicate privacy issues. For instance, the DIVX system, an early competitor to DVD, allowed consumers to physically possess discs of recorded motion pictures without actually having the privilege of viewing them. When a customer wanted to watch a movie, they would put the disc in a special player that contacted a central computer to lease the privilege of watching the disc, for a limited time. As a result, the central computer collected a database not only on discs held by each user, (we do not use the word "owned" because the customers were forbidden to exercise anything like ownership rights towards the discs), but also the complete history of when each disc was viewed. That kind of database would certainly be valuable to marketers, and would certainly be something that privacy-conscious consumers would be uncomfortable about.

Technological measures also implicate accessibility for the disabled. Most proposals for technologically-protected digital content delivery require the use of a proprietary "client" hardware device or software program implementing the access controls. It may be difficult or impossible for a disabled person to use the proprietary client. For instance, a book in electronic form and subject to "technological measures" may not allow the text to be copied into a voice synthesis system so that it can be read aloud to a blind person. That is not a hypothetical situation; the Adobe eBook system at issue in the Sklyarov case had exactly such a restriction, and one function of the jailed student's software was to bypass the restriction and allow access to eBook files by voice synthesis software.

If technological measures can be circumvented legally then there is some hope that a third party may create a special client for use by disabled users; alternatively, a generic circumvention program (like that described in the Sklyarov case) might allow the content to be translated into an unprotected form compatible with accessible clients. But if circumvention is criminalized, disabled persons may simply be unable to use the content at all. Such a restriction would be onerous enough today, but would become much worse in the future if (as some people predict) most books become routinely published electronically instead of on paper.

Even a requirement for content providers to add accessibility features to their systems, or an exemption permitting circumvention by or for disabled persons, would be insufficient. Disabled users are a small enough market, and creating good accessible systems is difficult enough, that it may be impossible for content providers to create usable accessibility features, and uneconomical for third parties to write special accessible clients for proprietary formats. The only workable solutions are to forbid technological "copyright protection" measures (supposedly the Russian approach, but a difficult proposition here to say the least) or to allow circumvention for general purposes, not just for accessibility.

Q: 1. What information should be protected under the Copyright Act? Given that information may cease to be accurate over time, should information relating to, for example, the owner of copyright and to terms and conditions of use be protected?

A: Because rights management information will often be inaccurate and there will be a strong temptation to link any rights management information into automatic enforcement (i.e. DRM) schemes, as little rights management information should be protected as possible, within the treaty requirements. Protected and inaccurate information will often cause problems: for instance, many audio CDs are now distributed with permanently recorded copy-protection signals indicating "no copies allowed" even though the copyright on the material already has expired or will eventually expire. The system currently used on CDs has no provision for indicating an expiry date even if the manufacturers wanted to record one, and a privilege holder attempting to correctly record such a date for the work of a living author would be faced with the distasteful task of trying to predict the author's death.

Someone wishing to make use of public domain material might well have to alter such rights-management signals in order to make legal use of the material; it should not be an offense to make the alteration. Note that devices for controlling exactly these signals, called "SCCM black boxes", are commonly available to audio professionals in Canada, perfectly legal at present, and their existence has not created the kind of horrific piracy problem that privilege holders claim to fear. We must bear in mind, too, that the Constitutionally protected right of freedom of expression must take precedence even over treaty requirements, no matter how strongly worded. The Constitution is the highest law of this land.

Q: 2. Certain terms and conditions may not be legally valid in Canada if they are contrary to public policy. In light of this, what limitations should there be on the protection of such information? Is a provision required that specifies that the protection of such information does not imply its legal validity in Canada?

A: Terms and conditions that are not legally valid in Canada should certainly not be legally protected in Canada. Our laws do not exist to cover for the mistakes made by other jurisdictions.

Q: 3. Given the fact that some technologies serve a dual purpose, i.e., reflect rights management information and protect a work against infringement, how should provisions concerning rights management information take into account provisions regarding technological measures?

A: Since protection of technologies that guard against "infringement" would normally be turned into protection of privilege holders' short-term economic interests against legal and worthwhile fair dealing, any protection of rights management information must be clearly and narrowly limited to exclude affording any protection to DRM technologies. As described in the previous subsection, protection of DRM is inappropriate.

Q: 4. If the Act were amended to protect rights management information, does the fact that some technologies may be used both to set out rights management information and protect a work against infringement mean that duplicate or overlapping sanctions could result in some cases?

A: Yes, of course. Consider the Sklyarov case below, to name just one example: the software under dispute could be described as "circumventing" the DRM (to allow books to be read by other software, for instance by voice synthesis software used by blind people), or as tampering with the "rights management information" (namely, the information recording limits like "reading this document aloud is forbidden"). The two concepts, of DRM and of "rights management information", are so close together as to render a distinction between them almost useless.

Q: 5. Are there non-copyright issues, e.g. privacy, that need to be taken into account when addressing rights management information?

A: All the issues mentioned in the previous subsection apply here also, but there are further problems with rights management information. For instance, creators have privacy rights too, and a system designed to "protect" their copyright privileges could easily expose private information without the creator's knowledge or consent. Consider, for instance, the uproar that occurred in 1999 when it was discovered that the ubiquitous Microsoft Office software places a hidden code identifying the author in every document it creates. Any Office document can be traced back to the individual, or at least the installation of Office, that created it. Many people were upset and the case attracted some media attention, but notably, nothing was done about it. The Microsoft corporation was not punished, they issued some "feel-good" press releases but the software was not changed, and to this day, hidden identification codes are embedded in Office documents. It is easy to imagine that such codes could be billed as "rights management information", since they identify the author and presumably copyright holder of a document, but their secret nature makes them a privacy threat. Note, too, that the facts about the document format were only discovered when people examined the format with "hacker tools" like (http://www.tuxedo.org/~esr/jargon/jargon.html#grep) Unix grep(1), an act that could easily have been called "circumvention".

Some of the problems with rights management information could be alleviated by requiring that all such information be visible to ordinary consumers through the same systems normally used to view, play, or otherwise consume the content; but such a requirement would not solve enough problems to make legal protection of rights management information a good idea.

Q: 1. Do the current provisions of the Copyright Act already adequately address ISP concerns?

A: No. Consider for instance the plight of Islandnet in the cp4break case. Although the allegedly infringing material was not even posted in Canada, Islandnet was named as a defendant in the lawsuit just because one of the co-authors of the document had his personal home page (which did not contain the allegedly illegal document) on their server. It would be far preferable for copyright law to make clear that all responsibility for publishing is held by whoever actually publishes a document; mere providers of general networking services, like ISPs, are not responsible for their clients' actions.

Q: 2. Some ISPs and privilege holders have entered into agreements for dealing with infringing material. In what respects is this approach sufficient or insufficient?

A: This approach is insufficient because ISPs and privilege holders are both driven by economic profit motives instead of by fairness. Corporations are not bound (as the Government is) to respect due process and freedom of expression. They may well form agreements that are good business but not good law. For instance, in the cp4break case Islandnet could easily have agreed to punish this author, outside the law, by taking down his Web site critical of the plaintiffs, in exchange for being relieved of the bother of defending itself in court. (Fortunately, Islandnet did not agree to such an arrangement.) Agreements for copyright enforcement outside the law are especially worrying in this era of corporate acquisition, when the ISPs and privilege holders may be, or be owned by, the same or closely related entities. For instance, the major U.S. Internet service provider, AOL, is owned by a corporation that also owns large blocs of copyright privileges; the collective entity is in fact named "AOL-Time-Warner.

Q: 3. What other intermediary functions that have not been discussed in this section, but that are nonetheless being carried out by ISPs, ought to be considered when developing a policy regarding ISP liability?

A: The section in the Consultation Paper is well-worded and covers almost all significant functions of ISPs. One additional function that might be considered, however, is that of linking. This is a function not only of ISPs but of everyone who publishes electronically. Anyone who posts a document on the World Wide Web (or on some similar systems) can include the addresses of other documents posted by other people; those addresses become "links", allowing a reader to easily "follow" the links (usually by clicking the mouse pointer on highlighted sections of text) and view the referenced documents. This very paragraph contains such a link in the first sentence, to the Government's Consultation Paper, and this submission contains many more; such links are the lifeblood of the Web.

If someone posts a document containing a link to illegal material posted by someone else, are they participating in the publication of that material? We argue not: it is no different from a newspaper reporting the address of a building in which illegal activities occurred. In the DeCSS case, a U.S. court ruled that a magazine which published links to allegedly infringing material was guilty of participating in the publication of that material. We suggest that that is bad policy, in just the same way that it would be bad policy to prosecute a newspaper for publishing the address where a crime was committed. Linking only reports the name and location of documents; it does not constitute publishing those documents or create any kind of participation relationship between the publisher of the link and the publisher of the documents.

What if someone posts a link to a document that is itself posted legally, but the link is posted without the permission of the privilege holder? This question has sometimes been examined (almost always in the U.S.A.) when the publisher of a large Web site has objected to the publication of "deep links", links which point at individual documents within the Web site instead of at the main "home" page. This issue was part of a larger dispute, for instance, in a lawsuit involving the Ticketmaster Web site. The claim has been made that copyright on a Web site includes the privilege of saying who may link to each document on the site. We suggest that that, also, is bad policy. The author of a book has no right or privilege to say who may write a review of the book, and include the title and publisher's name so that readers may find a copy of the book. The author cannot say, "Referencing this book is allowed, but scholars may only reference the Introduction, not subsequent chapters." Publishers of Web documents should not have the privilege of limiting who can refer to those documents, or how; that would be utterly contrary to the purpose of publication.

In summary, then, we recommend that no liability should accrue to publishers of links: linking to illegal material should not itself be illegal, and linking without the permission of the publisher of the linked-to document should not be considered an infringement of copyright privileges. Linking to a document consists exactly of citing the name and location of the document in an especially convenient form; that is not an activity that ought to be regulated under copyright law.

Q: 4. To the extent that a notice and take-down system is being contemplated, how would such a system affect the framework in Canada for the collective management of copyright? What alternative proposals should be considered? Under what conditions would a compulsory licensing system be appropriate?

A: Notice and take-down effectively transfers the power of the courts, in granting temporary restraining orders, from the hands of judges to those of plaintiffs. That is not a clever reform. Internet service providers are seldom in a strong position to carefully evaluate the validity of take-down requests, especially if by failing to honour a valid request they could open themselves to criminal prosecution; instead of attempting to make a fair judgment (which they could not do correctly anyway, and should not attempt: judgments are the function of judges), the ISP will attempt to err on the side of caution, simply honour all take-down requests, and hope to stay out of the fray.

That state of affairs gives privilege holders, usually large corporations, yet another advantage in the already unequal contest between them and alleged infringers. As seen in cases like cp4break, notice and take-down regimes will most certainly be used to promote other goals besides legitimate protection of copyright privileges. We note that Scandinavia Online AB complied with a take-down request from Microsystems Software Inc., even though the request was of questionable legality even in the U.S.A., demanded removal of material whose publication was protected by Swedish law, and was delivered by unauthenticated email. Scandinavia Online apparently made no effort to verify that the take-down request was genuine, and no apology or restitution to Eddy Jansson for the loss of his legally-posted research results nor the numerous completely unrelated documents they also destroyed.

Privilege holders might argue that electronic copyright infringement is unique because of the speed of network communications; in the time it would take to obtain a bona fide temporary restraining order from a court, many thousands of infringing copies could be made, rendering judicial relief impossible. As a result, they demand a faster procedure for addressing alleged infringements immediately, eliminating such annoying formalities as due process.

Indeed, something like that argument was made in the cp4break case, where the plaintiffs demanded, and got, the privilege unprecedented in U.S. law of serving court documents by email, with no authentication or security measures taken. As a plaintiffs' press release claimed, "Judge Harrington gave the company permission to serve notice of the immediate injunction via email to the defendants and 'their agents.' The company was serving the electronic notices immediately." They claimed that email service was necessary because traditional hand delivery of court documents would take too much time to be useful; an interesting idea, but not one that justifies discarding the traditional legal procedure of having a sworn process server deliver the documents by hand.

Insecure email is not even remotely comparable to legal document service, and the claim that time is of essence in copyright infringement cases does not excuse discarding the guarantees associated with traditional service. The law already addresses the concerns of plaintiffs in any suit who may be further damaged while the case goes to trial: such plaintiffs can seek a temporary restraining order. It is not necessary to re-invent that system especially for copyright infringement cases. If plaintiffs are concerned about ongoing harm before the case is settled, our words for them are "Tell it to the judge!"

Some of the problems of notice and take-down could be mitigated by penalties for ISPs who take sites down for alleged copyright infringement on no or invalid take-down orders, and a requirement that plaintiffs issuing a take-down order post a bond to cover the defendants' legal fees and damages to the defendants and ISP as a result of the take-down, in case the material under dispute should not be proven infringing. We also note that take-down orders would as a matter of course have to be served as any other legal documents, and not through the extremely fallible email system which provides no protection whatsoever against tampering with messages, no verification of delivery, and no proof of the identity of the sender. But even with those concerns addressed, the mere thought of giving plaintiffs the power to effectively issue temporary restraining orders all on their own authority, in online copyright or any other disputes, ought to be repugnant to elementary principles of law.

The appropriate way to address ISP liability concerns is to simply rule that ISPs are not liable. It is not necessary to provide a notice and take-down regime, a licensing regime, or some other regime forcing ISPs to do something to avoid liability. The need for action by ISPs should work in the opposite direction: service providers should not be liable for their clients' actions unless they do something to become liable, for instance by contributing illegal content to an illegal posting.

Q: 5. To the extent that issues surrounding the scope and application of the reproduction privilege are being examined in relation to Internet-based communications, are there reasons why this examination should be restricted to the question of ISP liability?

A: Possibly. There is no doubt that the technology is immature, making the Departments' desire for a technology-neutral solution a wise one. We could suggest that issues like the copyright status of peer-to-peer file sharing systems, for instance, should not be addressed in law until their effects on the marketplace have been tested for a few years. That could argue for a "wait and see" approach: solve the ISP liability problem now, because it is causing problems already, and wait before deciding on any other reforms. But technology will in some sense always be new; that is the nature of technology. And since the fundamental issues of copyright and freedom of expression have not changed since Bloody Mary, almost 450 years ago, there is no reason to expect that the issues will suddenly change if we wait a little longer.

In this section we provide, as background material, some case studies in copyright overextension. All these cases are set against a backdrop of U.S. copyright law, although some also involve other nations including Canada. Our purpose in describing these cases is not to provide exhaustive commentary on any of them but merely to illustrate some of the things that can go wrong when copyright is updated overzealously in an attempt to accommodate new technologies. Please remember that these cases are only a partial sampling of the ongoing U.S. copyright nightmare; there are many worrisome cases not mentioned in this submission.

Our first case is of special interest because it involved this author, Matthew Skala, directly. The story also involves "parental control" software, sometimes called "censorware": software that can be installed on a computer to limit the Internet access of users of that computer. For instance, an employer might install such software on business computers to prevent employees from viewing non-work-related Web sites. Such software is often billed as a means of "protecting" children from "pornography", but its actual function is often far broader: it is intended to filter out many other kinds of material as well.

Filtering software generally involves a list of forbidden Web sites; that list is a closely guarded secret, and even the person installing the software is not permitted to find out exactly which Web sites are being blocked. As has been shown many times in investigations conducted by Peacefire and various independent researchers, there is a strong temptation for vendors of censorware to use their products to promote political agendas, punish their enemies, and block negative reviews of their products. In short, this software represents a supreme technological realization of a policy Bloody Mary would doubtless have applauded: the suppression of ideas distasteful to whoever writes the blacklist.

Needless to say, the use of such software is a subject for extensive political debate; especially in the U.S.A., where Federal laws like the (http://www.ala.org/cipa/) Children's Internet Protection Act mandate the use of censorware in public institutions such as libraries. Is it appropriate for a privately-owned corporation to make a secret list of what Internet materials shall and shall not be readable in a public library? That question is obviously of interest, and democracy demands an open discussion of possible answers to it.

In early 2000, Eddy Jansson (working in Eskilstuna, Sweden), and Matthew Skala (this author, working in Victoria, B.C.), collaborated in writing a review of a censorware package called Cyber Patrol; at the time, the copyright privileges for Cyber Patrol were held by a U.S. corporation. Jansson and Skala examined the program from a scientific perspective. Their backgrounds are in computer programming and mathematics. In particular, they applied the techniques of what is called "reverse engineering", to essentially take the software apart and see how it worked, and "cryptanalysis" (mathematical code-breaking) to decode the secret blacklist.

In so doing, they discovered several major design and security flaws in Cyber Patrol; it was far below normal industry standards of software quality, despite being significantly advanced over other similar products. (Quality of censorware in general is, almost universally, abysmally poor.) They also discovered some evidence of political and other bias in the blocking list: for instance, a wide range of sites opposing nuclear war (including, for instance, portions of the City of Hiroshima Web site) were blocked and labelled "militant or extremist", Web sites promoting atheism were blocked as "Cult/Satanic", and so on. There were also inexplicable blocks, for instance of a (http://www.cet.com/~bangs/) publisher of classical sheet music. Note: that link was dead when tested on August 24, 2001; the documents may also be found by doing a Google search and clicking on the "Cached" links.

Jansson and Skala wrote a lengthy essay describing the procedure used for analysing Cyber Patrol and what was found. They also wrote some software of their own illustrating the cryptographic techniques, including a program called "cphack" which could decode all the secret files in a Cyber Patrol installation, displaying for the user the list of blocked Web sites. They posted the review, including their own original software, on Jansson's Web site in Sweden, in a package they called "cp4break". The essay was warmly welcomed by its intended audience of researchers and programmers. For instance, Dr. Peter D. Junger of Case Western Reserve University Law School (the same Dr. Junger of the Junger v. Daley code-as-speech case mentioned earlier) said in a mailing list message:

But, anyway, I wanted to point out that this is seriously useful educational stuff; it's not just a cute hack, although I am sure that it is that too. The programmers explain how they went about opening up the filter program, using intuition, a disassembler, and a lot of skill and knowledge.

When Jansson's and Skala's findings were published, the vendors of Cyber Patrol, namely Microsystems Software Inc. and Mattel Inc., both U.S. corporations, immediately sued both men and their respective ISPs, Islandnet (in Victoria) and Scandinavia Online (in Sweden). Scandinavia Online deleted Jansson's entire Web site from its servers, apparently in response to an emailed copy of the court filings; Islandnet asked Skala to remove a link to Jansson's Web site, but took no further action. The lawsuit was filed in U.S. Federal court in Boston, Massachusetts, the plaintiffs claiming that that court had jurisdiction because although the review was posted in Sweden, one of the many Web sites on which the review was announced was located in Massachusetts. The lawsuit claimed six things:

Copyright Infringement against Jansson and Skala: on the basis that the review, despite being original work, was somehow derived from Cyber Patrol (for which the plaintiffs held the privileges) or else that in order to write the review the defendants must have copied Cyber Patrol illegally.

Copyright Infringement against the ISPs: for their participation in Jansson's and Skala's activities.

Breach of Licensing Agreement: on the basis that in order to have gotten a copy of Cyber Patrol in the first place, Jansson and Skala might have agreed to a license agreement forbidding reverse engineering.

Interference with Advantageous Business Relations: by publicizing the substandard design and insecurity of Cyber Patrol, the defendants had made it more difficult to sell copies of the package.

Conversion: that in writing their review, Jansson and Skala had converted Cyber Patrol.

Theft of Trade Secrets: that by examining the software, the reviewers had discovered, and stolen, secrets about its operation.

This case, of course, raises many interesting legal questions which we do not have space to discuss fully here. First, it is worth nothing that this action was brought under conventional copyright law - not under the Digital Millennium Copyright Act, although the DMCA was brought up in subsequent filings. Next, the choice of venue is of interest. For reverse engineering that occurred in Canada and Sweden, and was published in Sweden, why sue in a U.S. court? The jurisdiction question is doubly interesting because the judge in Boston did rule that he had jurisdiction, and the case proceeded there despite the fact that none of the defendants was represented.

The list of claims is interesting as well. The first claim, probably the most significant one, alleges that even though the Jansson/Skala posting contained only tiny quotes from Cyber Patrol, in the context of a lengthy and completely original discussion, it should nonetheless count as copyright infringement, apparently because Jansson and Skala read Cyber Patrol before writing their review. Note our use of the word "read" to describe the activity of comprehending the software: as discussed earlier, software is a form of written language that can be read by an appropriately-trained person in the same way that a book can be read.

The other side of the first claim, that Jansson and Skala must necessarily have copied Cyber Patrol illegally in order to conduct their analysis, is interesting too because it places the privilege of restricting copying ahead of fair dealing, and touches on the difficult task of defining "copying" in the computer realm. As noted in the Consultation Paper on Digital Copyright Issues, transmission of electronic documents and other computing activities including the reverse engineering at issue here often necessitate creation of transient copies of information; it is not clear that such transient copies should count as reproduction for the purposes of the copyright reproduction privilege, but that was the theory put forward in the court case. In Canada, writing a review often falls under the "fair dealing" exemptions to copyright law; whether this is a difference between U.S. and Canadian law, or merely a spurious claim even under U.S. law, is unclear.

The second claim, that Scandinavia Online was liable for the alleged infringement merely for hosting Jansson's Web site containing the allegedly infringing material, and that Islandnet was liable merely for hosting Skala's Web site which did not even contain the allegedly infringing material at all but contained a link to Jansson's site, directly implicates the issues of ISP liability and the status of links, described in the Q&A section above.

The "Breach of Licensing Agreement" claim implicates the whole issue of the validity of click-through license contracts, about which we could write another submission the size of this one, and may well be forced to when click-through contracts become a subject for consideration in Parliament. Since this is not one of the copyright issues currently on the table, however, we shall not visit it here except to mention that the license agreement in question was limited to ban reverse engineering "except to the extent that this restriction is prohibited by applicable law", and that such restrictions are indeed traditionally prohibited by law (i.e. reverse engineering is always allowed) in many jurisdictions including Sweden.

The remaining three claims can be lumped together: they visit the questions of whether reviewers cause actionable damages by publishing a negative review of a product, and whether vendors of a product can use copyright law to suppress unfavourable reviews. We think not.

The later history of this case is lengthy and complicated. The two sides negotiated towards an out-of-court settlement. During the negotiations, the plaintiffs also filed suit in British Columbia Supreme Court. A settlement was reached in which the defendants agreed to stop distributing the essay and software; largely because Jansson and Skala, an unemployed person and a graduate student respectively, had no resources for an extended court battle in a foreign country against a multi-billion-dollar corporation. Skala's copyright privileges to the essay and software were purchased by the plaintiffs for a dollar, and Jansson's were apparently turned over to the plaintiffs free of charge. The Boston court issued a permanent injunction backing the settlement agreement.

But in the mean time, many other Web sites had posted copies of the material (indeed, the documents remain widely available on the Web to this day), and it was not clear whether the out-of-court settlement could apply to anyone but the defendants. Three "mirror" sites in the U.S., which had posted the review under its original very permissive distribution terms, attempted to appeal the Boston court's injunction supporting the out-of-court settlement, claiming that because they had not agreed to the settlement, they still had a right to be heard as to their right to publish the review, even though the original defendants had withdrawn. The request for appeal was denied, leaving the legal status of mirror sites unclear.

Meanwhile, the anti-circumvention provisions of the Digital Millennium Copyright Act, which at that time had their enforcement suspended pending review, were under review by the U.S. Register of Copyrights, a branch of the Library of Congress. The Register of Copyrights conducted a public comment process much like the present Canadian copyright reform public comment process. And on October 27, 2000, the Library issued a final rulemaking setting out what classes of works were to be exempt from the anti-circumvention provisions until October 28, 2003. Those classes of works, the works for which circumvention is permitted under the DMCA, quoted from the final rulemaking, are:

(1) Compilations consisting of lists of websites blocked by filtering software applications; and

(2) Literary works, including computer programs and databases, protected by access control mechanisms that fail to permit access because of malfunction, damage or obsoleteness.

There is some reason to believe that the decision to include point (1) above was influenced by the writings of this author on the cp4break case, which case was cited in the final rulemaking. We are of course pleased that circumvention of censorware could be considered so important as to be one of only two things that rated inclusion on the list, when so many other worthwhile kinds of circumvention were excluded. We agree that this is an important issue. But we suggest that the list should have been much longer; or alternatively much shorter, consisting of the single item "(1) All works."

After having their appeal rejected for lack of standing, and the Register of Copyrights exemption rulemaking which could be seen as giving a green light to critical review of censorware (note, though, that the original case was not brought under the DMCA but under ordinary copyright), the three mirror sites who had appealed decided to go ahead and republish their copies of the suppressed documents, which they had withdrawn during the court battle. By that time, the Cyber Patrol product and privileges had been sold to a U.K.-based company, Surfcontrol, who showed no signs of eagerness to prosecute mirrors.

Subsequent to this publication of the review by Jansson and Skala, several more flaws in Cyber Patrol were found and published, An activist project called Operation Bait and Switch proved by experiment that Cyber Patrol would give large organizations preferential treatment when evaluating Web pages for "hate speech", apparently because of a fear of libel lawsuits from Web sites unfairly labelled as hateful. The "enterprise" version of Cyber Patrol, intended for installation on a corporate firewall, was found to open the client's network to attack, by virtue of a design flaw called a "buffer overflow". The America Online "youth filters", based on a licensed version of Cyber Patrol, were found to block some national political parties but not others, prompting the headline "AOL protects kids from Liberals". Another reviewer, also reverse engineering Cyber Patrol, revealed that it used dramatically substandard security measures when dealing with the user's personal information including credit card number.

Much more detail about this case, including links to stories about it from CBC Television, Macleans magazine, and so on, is available from this author's (http://ansuz.sooke.bc.ca/cpbfaq.html") Cyber Patrol Break FAQ (Frequently Asked Questions) Web posting. Here are some points about this case of particular interest for the present submission:

The reviewers had to circumvent the product's access control technologies in order to write their review.

Although the work was done in Canada and Sweden and published in Sweden, where it was legal, U.S. copyright law nonetheless became significant.

The action was brought in Boston under ordinary copyright law, not the DMCA (whose anti-circumvention provisions were at the time not being enforced).

The defendants were forced to concede the out-of-court settlement, despite having had arguably a strong case even under U.S. law, because of the overwhelming difference in resources between individuals and a large corporation.

Although the settlement affected the defendants, it had no real effect in stopping distribution of the allegedly infringing material. Indeed, mirror sites distributed it all the more eagerly for knowing that it was legally sensitive.

The Library of Congress added an item to its exemption list, in effect changing the law, apparently just because of this case and the uproar it caused.

The next case we consider also involves a corporate attack on student research, but this time carried to the much more unpleasant level of actual criminal charges. Dmitry Sklyarov is a Russian citizen, and a PhD student (much like this author) at Moscow State Technical University. His thesis research involves digital rights management technologies.

In particular, Sklyarov examined the security of the "Adobe eBook" system, which allows publishers to distribute books in an electronic format, and attempts to enforce limitations on use of the books. By limiting use, the system hopes to have the effect of limiting copying. The system does not and cannot directly prevent electronic books from being copied, but it attempts to control use in other ways, for instance by keying a book to an individual computer, making a copy harder to use, regardless of whether the copy was made illegally or for "fair dealing" purposes.

The eBook system also includes other use-limiting features, for instance one designed to prevent users from applying text-to-speech "read aloud" software. That feature would appear to harm the accessibility of electronic books to visually disabled persons, and might indeed fall into the category of "terms and conditions . . . not . . . legally valid in Canada" described in our discussion of rights management information above. As the Adobe corporation has been quick to point out, this anti-accessibility feature is under the control of the book publishers, so some books may still be accessible, but that fact is of little comfort to a visually impaired person who might want to read a book for which the publisher chose to activate the feature.

Dmitry Sklyarov's work on the security of the Adobe eBook system revealed serious design flaws in that system, just as the work of Jansson and Skala revealed serious design flaws in Cyber Patrol, and the work of Felten et al. revealed serious design flaws in SDMI. Sklyarov's employer, a Russian corporation called Elcomsoft, began selling, in Russia, a product they called Advanced eBook Processor (AEBPR), which exploited some of the flaws in the eBook system in order to allow users of electronic books to exercise their fair dealing rights towards their legally-purchased books. For instance, with AEBPR, visually impaired users could have their computers read books aloud to them; and critics could cut-and-paste quotes from books for use in reviews. The Advanced eBook Processor software was certainly legal in Russia; in fact, the original Adobe eBook system without AEBPR was arguably illegal in Russia, because its DRM features infringed upon the legislatively protected fair dealing rights of book users.

The case captured public attention when Dmitry Sklyarov travelled to the U.S.A. to give a presentation on his thesis research at a computing conference in Las Vegas; just as, earlier in the year, this author gave a presentation about his own thesis research in Baton Rouge. Giving conference presentations about one's work is a normal part of the process of attaining a graduate degree. Because so many computing conferences are in the U.S.A., it is quite common for graduate students from Russia, Canada, and everywhere else to travel to the U.S.A. as part of their education. After giving his presentation, Dmitry Sklyarov was arrested by the Federal Bureau of Investigation, responding to a complaint from Adobe Corporation, and imprisoned for approximately three weeks without bail. Sklyarov was later released on US$50,000 bail into the custody of a Russian-American software developer with some connections to Elcomsoft.

The complaint from Adobe claimed Elcomsoft's sales of the Advanced eBook Processor software constituted "trafficking in a circumvention device" for the purposes of the Digital Millennium Copyright Act, and were therefore illegal under that Act. Why Dmitry Sklyarov should be arrested personally, instead of the charges being pursued against Elcomsoft, was not clear. Sklyarov was arguably a co-author of AEBPR but certainly not involved in its sales. It appears that the FBI at one time believed that Dmitry Sklyarov was the holder of the copyright privileges to AEBPR, but that does not appear to be the case currently. It may also be that since he was present in the U.S.A. for academic reasons, and because his research detailing the flaws in the eBook system was surely embarrassing to Adobe, he made an attractive and convenient target. Some of these issues are discussed in an Electronic Frontier Foundation (http://www.eff.org/IP/DMCA/US_v_Sklyarov/us_v_sklyarov_faq.html#WhyArrested) FAQ entry.

Sklyarov's arrest sparked protests in cities across the U.S.A. and worldwide. The Adobe corporation, realizing how serious a public relations problem they had created with their complaint, agreed to hold a meeting with with representatives from the Electronic Frontier Foundation on July 23, 2001. After that meeting, the two groups issued a (http://www.eff.org/IP/DMCA/US_v_Sklyarov/20010723_eff_adobe_sklyarov_pr.html) joint press release in which Adobe withdrew its support for the criminal charges, claiming that "the prosecution of this individual in this particular case is not conducive to the best interests of any of the parties involved or the industry."

That claim seems suspect, however, given that Adobe initiated the charges themselves, asking the FBI to arrest Sklyarov; surely they could have expected his imprisonment and prosecution as a result of their complaint. Adobe's withdrawal of support for the charges does not stop the case now that it is being pursued by the United States, and in (http://www.eff.org/IP/DMCA/US_v_Sklyarov/20010727_eff_sklyarov_pr.html) a July 27 meeting, the U.S. Attorney-General's Office showed no intention of stopping the proceedings. So although Adobe may improve their public image by "back-pedalling" from the charges, they still achieve their goal of suppressing criticism: Sklyarov continues to face serious criminal penalties for his research.

This case is proceeding rapidly and as of this writing, in mid-August 2001, it is impossible to predict the eventual resolution. The next major milestone will be a pre-trial hearing on August 23. Protests continue, and statements of support are pouring in from the academic, computing, and legal communities. Current information may be obtained from the (http://www.eff.org/IP/DMCA/US_v_Sklyarov/us_v_sklyarov_faq.html) Frequently Asked Questions file maintained in the Electronic Frontier Foundation's (http://www.eff.org/IP/DMCA/US_v_Sklyarov/) archive on the case. A brief personal view of the case can be found in this author's article The New Professional Criminals, printed in the newsletter of the Greater Victoria Personal Computer Users' Association. For the purposes of the present submission, we wish to emphasize the following points:

The AEBPR software had many lawful uses - for instance, enabling visually impaired users to have their books read aloud.

AEBPR worked against "technological protection measures" in the eBook system with significant arguably unlawful uses - for instance, protection of "eBooks" against critics who might write unfavorable reviews.

Sklyarov's research, and his trip to the U.S.A., were in the context of his Doctoral thesis project.

Notwithstanding that the AEBPR product was sold by the Elcomsoft corporation, the case was pursued against Sklyarov personally, apparently because his presence in the U.S.A. and relatively poor financial circumstances, as a student with a family to support, made him a convenient target.

The circumvention of Adobe's "digital rights management" technology occurred in Russia, where such circumvention is perfectly legal.

The sale of the "circumvention device" (namely, the AEBPR software) also occurred in Russia, albeit through a U.S. credit card processor.

Nonetheless, Adobe and the U.S. Attorney-General's office are claiming that U.S. law in this matter should take precedence over Russian law.

The case has resulted in significant public outcry and a "brain drain" away from the U.S.A., as foreign researchers fear sharing Sklyarov's fate should they attend U.S. conferences.

The next case concerns one of the biggest of the "copyright industries": the motion picture industry. This case revolves around Digital Versatile Discs (DVDs), which are billed as the next generation in recorded movie technology, a new and much improved system to replace the currently popular analog video cassette schemes (for instance, VHS). Also implicated are Digital Rights Management (DRM) issues, national sovereignty, and the liability of network intermediaries, especially for linking (as described in our Q&A subsection on that topic).

We begin with some background. DVDs are plastic discs physically resembling current audio and computer CDs. The only critical difference is that DVDs can store a great deal more digital content than CDs, as a result of technological advances in the time since CDs were introduced. At present, DVDs are used primarily as a distribution medium for recorded motion pictures. When so used, the movie data is stored in an encrypted form, playable only with equipment containing certain secret "keys" distributed only under non-disclosure agreements by the an industry group called the DVD Content Control Association (DVD-CCA). Other equipment, for instance computer DVD drives, can still read and copy the movies; but they can only be actually watched on equipment containing the keys.

The encryption scheme, called the Content Scrambling System (CSS), is claimed to exist as an anti-piracy measure. However, that claim does not bear rational scrutiny since it is still perfectly possible for consumers to read the encrypted files off the discs, copy them (perhaps via the Internet), and later view the copied files. The CSS encryption does nothing to prevent copying of DVD movies. We suggest that the actual purpose of CSS is quite different: to confer upon the DVD-CCA's chosen favourites a monopoly on DVD playback systems. This suggestion appears especially plausible when we introduce an additional aspect of the DVD system: region coding.

With region coding, the world is divided into six zones called "regions". Each DVD disc and player is coded with the region in which it was sold; a player can only play discs from its own region. (There are some additional complications, including limited provisions for "moving" a player to a new region.) The stated purpose of the system is to allow studios to control the availability of motion pictures worldwide; if a movie is released in North America, for instance, but not yet viewable in European theatres, the studios want to prevent North Americans from selling recorded copies to Europeans. This system clearly is useful in protecting the privilege of the studios to control where movies can be viewed. Whether that privilege is worthy of protection, however, is another question entirely. It is certainly not one of the standard privileges in the copyright bundle. The movie studios have done business perfectly well for a long time without being able to prevent international trade in video tapes; why should they be able to prevent buyers of DVDs from viewing the DVDs overseas?

The CSS-created DVD playback monopoly is manifestly contrary to consumer interests. Quite apart from the objections that can be raised against region coding, there is at present no DVD-CCA licensed playback software for the popular Linux personal computer operating system. In the DVD-CCA's scheme of things, anyone who wanted to watch DVD movies with a PC would be forced to use the Microsoft Windows operating system. Of course, we need not remind readers of the monopoly concerns surrounding Microsoft Windows.

The popularity of DVD movies lead to an effort to make them viewable under Linux. As part of that effort, a group of volunteers created a piece of free software known as DeCSS. The DeCSS software can translate the encrypted content on a DVD into an unencrypted form viewable with other software, thus allowing users of operating systems like Linux to watch DVD movies. Again, we emphasize that DeCSS does not directly have anything to do with copying of movies; it is a viewing tool. As in the SDMI Challenge case discussed next, the debate here involves DRM technology designed to limit the use of legally purchased media, but claimed (by those who stand to gain from the technology) to be intended as a limit on copying. We also note that, just as in SDMI Challenge, the DRM technology here exists not to enforce the law but rather to enforce the privilege holder's wishes, lawful or not. Anyway, the function of DeCSS is to decrypt (arguably to "circumvent") files blockaded by CSS, thereby allowing viewing without the cooperation of the DVD-CCA.

The DVD-CCA filed lawsuits against all and sundry in response to the existence of DeCSS, vainly attempting to pour the genie back into the bottle once the software was released. They acted to protect their monopoly on DVD playback, with a speed and viciousness seldom matched in the history of corporate litigation. The network community responded by distributing copies of DeCSS far and wide, and concocting elaborate examples to test the limits of the DVD-CCA's censorship attempts. For example, it is now possible to buy T-shirts printed with copies of the DeCSS source code, and listen to recordings of people singing the source code to musical accompaniment.

Being a form of written language, software lends itself to such distribution; any form of human communication can be made to serve as a distribution channel for software. Hard to believe as this may seem, the DVD-CCA did sue the T-shirt manufacturer under the Digital Millennium Copyright Act, claiming that the T-shirts constituted a "circumvention device". As of this writing, it is practically impossible to spend any time researching intellectual property on the World Wide Web without being inundated by dozens of copies of DeCSS expressed in various creative forms. One archive of many such expressions is maintained by Dr. David Touretzky at Carnegie Mellon University. Despite such high-profile distribution of the "circumvention device", the epidemic of DVD piracy that the DVD-CCA claimed to fear has not materialised.

We shall draw attention to only two specific cases here. Others are discussed in the Electronic Frontier Foundation's (http://www.eff.org/Intellectual_property/Video/) online archives and in sites linked from there. The first case we consider is, so far as we know, also the first one filed over DeCSS: namely the criminal case in Norway against DeCSS co-author Jon Johansen. This case is described in (http://www.linuxworld.com/linuxworld/lw-2000-01/lw-01-dvd-interview.html) a LinuxWorld interview. On January 24, 2000, police from the Norwegian Department of Economic Crime (a special unit normally tasked with multi-million-dollar international fraud cases) entered the home of Johansen, then 15 years old. (He is described as 16 years old in many media reports because he turned 16 shortly after this episode.) They seized his computer equipment and cellular telephone, and took him to a local police station for several hours of questioning. His father, Per Johansen, was also questioned. Both Johansens were charged with criminal violation of the Norwegian copyright law and a general "hacking" law, in response to a complaint filed by the local representatives of the Motion Picture Association of America (MPAA). This case is ongoing in Norway; more detail is available in the (http://www.eff.org/ Intellectual_property/Video/DeCSS_prosecutions/Johansen_DeCSS_case/) EFF archive.

We highlight the Johansen case because it raises some interesting issues. First, although the case under Norwegian law was questionable at best (Norway has nothing like the DMCA), the Norwegian authorities were willing to cooperate with the MPAA's complaint to such a great extent that they sent their special unit reserved for large-scale "economic" crimes, to bring in a single 15-year-old. It looks like a situation of U.S. policy dictating enforcement practice in a foreign and supposedly sovereign country. Also, it is worth noting that Johansen was not the author of the decryption portion of DeCSS, nor the publisher of the software; he posted a link to the software on his Web site (just as the present author posted a link to cp4break on his own Web site). Treating linking as "trafficking" implicates the network intermediate liability concerns we discuss in the Q&A section. It appears that Johansen was pursued in preference to the two anonymous DeCSS co-authors simply because he was most convenient.

The other case we wish to highlight involves a magazine named 2600 (named after a now-obsolete control signal used in telephone systems). In an article about the DeCSS controversy, 2600 published a link to the software; they were sued by the movie studios on the theory that by publishing the link, the magazine was "trafficking" in a "circumvention device" for the purposes of the Digital Millennium Copyright Act. This case has become known as Universal et al. v. Reimerdes et al., and detailed court documents and other material are available via the Harvard OpenLaw site.

Here, again, the plaintiffs claimed that publication of a link, in other words the exact location and name of a document, could constitute "trafficking" in the document; as well as the also-questionable claim that a computer program, a form of expression protected by the U.S. Constitution (as well as the Canadian Constitution, of course) could constitute a "device". On the strength of those claims, and the unstated but heavily implied claim that the 2600 editors are evil "hackers" and so must be guilty of something, the plaintiffs demanded an injunction against 2600 preventing them from publishing DeCSS or any links to it. The injunction was granted, and the appeal is ongoing.

As well as its focus on the linking question, since 2600 never did actually publish DeCSS but only links to it (as did many other news outlets), this case is of interest because of the many informative amicus briefs it attracted. For instance, a brief submitted by a group of distinguished computer scientists presented arguments similar to ours above for why computer software should be treated as a form of expression and protected by the First Amendment, the U.S. equivalent of our Charter "freedom of expression" guarantee. As the brief says:

3. Copyright law already recognizes that code, both source and object, may be copyrighted as a literary work or an original work of authorship. 17 U.S.C. SS 102(a)(1). It does not take a leap of faith to say that a copyrightable literary work is a work entitled to full First Amendment protections, regardless of its functionality.

The points relating to DeCSS that we wish to highlight for the purposes of the present submission are as follows:

Although claimed to be a "digital rights management" system, CSS appears designed primarily to create and support a monopoly on DVD playback for equipment manufacturers chosen by the DVD-CCA.

CSS does not prevent copying of DVD movies, notwithstanding that that is its stated purpose.

Even if CSS did prevent copying, it would prevent copying in accordance with the privilege holder's wishes, which are not necessarily lawful. Fair dealing traditionally permits some copying directly against the privilege holder's wishes, for instance for purposes of criticism, parody, or after the copyright has expired.

The region coding aspects of CSS extend the studio's powers even further, to control not only which equipment may play back DVDs but also in which countries DVDs may be watched.

The studios' widespread and vicious attempts to prosecute everyone publishing DeCSS, links to DeCSS, discussion of DeCSS, DeCSS T-shirts, etc. had the main result of ensuring ubiquitous distribution of DeCSS.

Despite the ubiquitous distribution of DeCSS, we see no evidence of a DVD piracy epidemic.

The various DeCSS prosecutions implicate virtually all "new media" copyright issues; we especially note the "code as free expression" and "liability for linking" issues.

The arrest of Jon Johansen in Norway, apparently for violating the U.S. Digital Millennium Copyright Act (notwithstanding the pretext given for the arrest under Norwegian law), calls into question whether Norwegian sovereignty means anything in copyright matters anymore; and if Norway must bow to U.S. copyright interests, is Canada also subject to such domination?

Circumvention of computer software is probably of most interest to computer programmers, a relatively small group, and Internet-based copying of movies and video is not yet even alleged to be a huge problem, simply because the Internet is still too slow to deliver such large files conveniently. The next case concerns a medium of much more general interest: digital music. Almost everyone listens to music, and Internet-based copying of audio has certainly captured public attention in the last few years. This case is also interesting because it involves the claim that a scientific paper per se, without accompanying software or other demonstrations, can constitute a "circumvention device" and be ruled illegal.

The Secure Digital Music Initiative (SDMI) is an attempt by a coalition of corporations in the recording industry, to create and force upon consumers a framework for automatic enforcement of copyright and other privileges. The fundamental concept of SDMI is that music should never be available to consumers in usable digital form. Instead, it is stored encrypted. Only playing equipment designated as "compliant" by the SDMI Coalition is able to read the encrypted music, and such equipment is required to convert the signal to a lower-quality analogue form before making it available to the listener. There are also provisions for two designated devices (for instance, a DVD Audio player and a set of speakers) to verify that they are both members of the "SDMI club", at which point they will be able to exchange higher-quality digital data. The system includes watermarking and other "rights management information" schemes so that privilege holders can specify restrictions on what uses may be made of the audio signal.

SDMI thus attempts to create a "Chinese wall" (to borrow a financial term) between the consumer and the recorded music. Music can move freely between devices designated as "SDMI-compliant", but must be translated to a lower-quality form before it is available to other devices. The claimed purpose is to prevent illegal copying; but that claim does not completely ring true, as the system cannot prevent simple duplication of the encrypted data.

Also, even if SDMI did prevent unauthorized copying (which it does not), it would prevent all copying without the privilege holder's permission, regardless of purpose, and as we have described, not all copying without permission is illegal. Copyright law as it stands today often permits copying for fair dealing purposes, even directly against the wishes of the privilege holders. For instance, copying is allowed for purposes of criticism or parody, or after the copyright expires, and those are situations where the privilege holder or former privilege holder might well want to prevent copying. We wish to emphasize that SDMI does not enforce the law: SDMI enforces the privilege holder's wishes, whether those are legal or not. The same could be said of most if not all DRM technology.

One could also raise questions of economic manipulation. To create SDMI-compliant audio equipment, manufacturers must obtain a license for the technology from the SDMI Coalition. Those licenses cost a lot of money, certainly enough to effectively preclude amateur construction of audio players for free operating systems like Linux; and the SDMI Coalition may impose arbitrary contractual conditions on the licensees, or deny licenses to some licensees outright. If the Coalition were successful in its goal of having all music released only in SDMI-compliant form, its members would then have monopoly control on music playback equipment. That situation would not appear to be in the consumer's interest.

Such issues were raised loudly by consumer advocates when the SDMI project was announced, much public debate followed, and so there was considerable interest when the members of the Coalition (http://www.sdmi.org/pr/OL_Sept_6_2000.htm) announced a contest called the "Hack SDMI Challenge" in September 2000. The contest invited the Internet community to test the security of several technologies proposed for use in SDMI, primarily "watermarking" schemes for embedding restriction information in audio signals. The contest organizers provided several example files containing audio with and without watermarks, and an "oracle" for verifying successful removal of the watermark signals.

Participation in the contest was controlled by a "Click-Through Agreement" specifying that the example files were only to be used for the purposes of research on the watermarking scheme. Please note that we question the entire validity of click-through agreements, which purport to create contractual obligations without a signature, but that is a topic beyond the scope of this submission. For the purposes of this case study, let us accept as a legal fiction that the SDMI Challenge click-through agreement was legally binding. The contest also specified that in case researchers should successfully defeat the DRM technologies, the prize money would only be awarded on acceptance of a second agreement binding the researchers not to publish their results.

There was considerable support in the security community for (http://noframes.linuxjournal.com/articles/misc/0022.html) a boycott of the SDMI Challenge, on the theory that SDMI was a bad initiative, contrary to consumer interests, and that it was inappropriate for socially responsible security professionals to help the SDMI Coalition in its efforts to gain monopoly control on music playback. This author refrained from participating for precisely that reason. Also, it was suggested that the stated prizes (the largest of which was US$10,000) were nowhere near enough to pay for the value of such security work, especially given that a reviewer could invest considerable time in the analysis without any assurance of being paid prize money at all. Nonetheless, some researchers did take up the challenge, including a group headed by Dr. Edward Felten of Princeton University. Prior to this work, Dr. Felten was perhaps best known for his role as an expert witness in the antitrust case against Microsoft Corporation.

The work of Felten et al. was successful; they were able, with surprisingly little work, to defeat all the technologies in the SDMI Challenge, except possibly for two technologies where flaws in the contest design made it impossible to verify success. Subsequent events are well chronicled on the research group's Web site and in the Electronic Frontier Foundation's archive of documents relating to this case.

The researchers decided to forgo the second phase of the SDMI Challenge, which would have required them to secretly hand over their results to the SDMI Coalition in exchange for prize money. Instead, they wrote a scientific paper, titled Reading Between the Lines: Lessons from the SDMI Challenge. The paper was submitted to the Fourth International Information Hiding Workshop, which was to be held in Pittsburgh, U.S.A., April 25-27, 2001, where it was accepted through the normal scientific peer-review process. Related work also went into other documents, for instance the Doctoral thesis of Min Wu.

The SDMI Coalition responded with a series of threats against the researchers should they publish their results, culminating in an April 9, 2001 letter to "Edward Felton" [sic] in which Matthew J. Oppenheim, Senior Vice President, Business and Legal Affairs, of the Recording Industry Association of America, claimed that "any disclosure of information that would allow the defeat of [the SDMI Challenge] technologies would violate both the spirit and terms of tthe Click-Through Agreement (the 'Agreement')." That letter goes on to claim "Such disclosure is not authorized by the Agreement, would constitute a violation of the Agreement and would subject your research team to enforcement actions under the DMCA and possibly other federal laws."

As a result of this and other threats against members of the team, their employers, and the conference organizers, the Information Hiding Workshop and the Felten research team decided to withdraw the paper from the conference. The series of threats and the withdrawal of the paper are described in the sworn Declaration of Dr. Edward Felten in the case of Felten et al. v. RIAA et al. discussed below. Instead of his scheduled presentation, Dr. Felten read a brief statement explaining that his team's scientific publication had been cancelled as a result of threats from members of the SDMI Coalition. Also at about this time other documents were suppressed; for instance, Dr. Min Wu was forced to remove a chapter from the Web posting of her Doctoral dissertation, as described in her own Declaration in the same court case. As usual in such cases, something alleged to be the suppressed paper was immediately leaked and mirrored at numerous sites worldwide.

The idea that corporations could suppress scientific work they find inconvenient naturally incensed members of the scientific community and the public. In an apparent attempt to minimize the damage to their reputation, the RIAA issued a press statement in which they claimed (http://www.riaa.org/PR_Story.cfm?id=407) never to have threatened Felten et al.. After the extensive history of threats already documented, that statement hardly seemed reassuring, and the researchers began a lawsuit of their own against the RIAA, SDMI, and various other parties, seeking a declaratory judgment and injunctive relief allowing them to publish their work in the future without fear of lawsuits. Declarations supporting this suit have been filed by such luminaries as Alan Cox, of the Linux kernel development team; Bruce Schneier, the author of one of the standard reference works on cryptography; and the Association for Computing Machinery, a major professional organization for computer scientists. As the lawsuit progressed, the Felten team also did present substantially the same work on August 15, 2001 at the 10th USENIX Security Symposium in Washington, D.C., U.S.A.

This case, like the Sklyarov case, is ongoing as of this writing, and further developments will doubtless occur before the September 15 comment process submission deadline. Based on the case up to the present time, we should like to draw attention to the following points:

SDMI, should it be successful, could endanger fair dealing and give members of the Coalition a monopoly on audio playback equipment.

The SDMI Coalition invited the entire network community, including Dr. Felten and his team, to analyse the security of the technologies in question.

The SDMI DRM technologies were found to be patheticly insecure.

The SDMI Coalition was successful in suppressing the research results of Felten et al. by a series of threats which they later denied making.

The suppressed results consisted solely of an academic paper, with no software or other "circumvention devices" involved. Moreover, no specific copyrighted work was reverse engineered; the results were based solely on examination of the example files provided in the challenge. Thus, the threats were predicated on the assumption that words in English, and those alone, could constitute a "circumvention device".

The results, despite being withdrawn from the conference, were soon available on the World Wide Web.

There was widespread support from the scientific community for the countersuit against SDMI.

The Mathworld Web site, available most recently through the site of Wolfram Research, was a good example of the unique opportunities for public participation offered by the Internet. Mathworld was a sort of encyclopaedia of mathematics, with thousands of articles covering all aspects of the discipline. It was maintained by Dr. Eric Weisstein, originating in a collection of his own notes on various mathematical topics and then expanded with articles and references contributed by readers all over the world.

In 1997, Dr. Weisstein entered into a contract with CRC Press, a major academic publisher, to publish a book called The CRC Concise Encyclopedia of Mathematics, derived from his Web site. (http://mathworld.wolfram.com/docs/WeissteinBookContract.html) The contract transferred to CRC Press the copyright privileges on the book, which is described as "approximately 1400 camera-ready manuscript pages". The Web site (at that time called "Eric's Treasure Trove of Mathematics") remained online.

We shall only summarize the events that unfolded during the next several years. The "Treasure Trove" Web site continued to develop, with the addition of further contributions from the general public. Dr. Weisstein entered into another contract with CRC Press, to publish a CD-ROM based on the contents of the Web site (now updated beyond the material in the printed book). For some time, the Web site was restricted, with various sections disabled on a rotating basis, in order to encourage users to buy the book or CD-ROM instead. Despite price increases and a minimum of advertising and promotion from CRC Press, the book continued to sell well, apparently due to its exposure on the Web site. In 1999, Dr. Weisstein began working for Wolfram Research, a company best known for its "Mathematica" symbolic algebra environment. Shortly thereafter, he moved the "Treasure Trove" Web site to a server operated by his new employers and gave it a new name: MathWorld. Dr. Eric Weisstein and Wolfram Research were promptly sued for copyright infringement by CRC Press, in the U.S. District Court for the Southern District of Florida. (The case was later transferred to Central District of Illinois.)

The lawsuit appears to be based on a claim that instead of the book being derived from the Web site, as described above; or the current Web site and the book both being derived from some previous Web site, another reasonable theory; instead the current Web site was derived from the book. Since the Web site existed, albeit in a much more primitive form, long before the book was conceived, that claim seems questionable. Taking it as a fiction, if the claim were true, CRC Press might be able to claim copyright privileges on the Web site under the contract language which assigns to them privileges on "derivative works" from the book; and that is the basis of their lawsuit. Despite the specification in the contract that the work being licensed consisted of camera-ready manuscript pages, CRC Press claims that the electronic posting was part of what they bought.

However, the case may also implicate other legal issues, including thorny questions of contract law which could decide the case without ever referencing "new media" copyright. Because of irregularities and ambiguities in the contract, it is not at all obvious what privileges CRC Press can claim. Consider, for instance, the following quote taken directly from the contract:

The Publisher's exclusive rights include, without limitation, the right to reproduce, publish, sell, and distribute copies of the Work, selections therefrom, and translations and other derivative Works based upon the Work, in print, audio-visual, electronic, or by any and all media now or do hereafter known or devised, and the right to license or authorize others to do any or all of the foregoing throughout the world. The Publisher will register copyright in the Work in the name of the Publisher in compliance with the United States Copyright Law. If the Publisher supplies artwork (including artwork for the cover of the Work), it may register copyright separately therein in a manner satisfactory to the Publisher. visual, electronic, or by any and all media now or hereafter known or devised, and the right to license or authorize others to do any or all of the foregoing throughout the world. The Publisher will register copyright in the Work in the name of the Publisher in compliance with the United States Copyright Law.

It is especially unfortunate that that bizarre repetition and sentence fragment, apparently caused by a last-minute substitution of a revised page without updating other pages, should involve the critical "derivative works" language. Not, of course, that any part of such a contract could safely be disarranged; every clause is important. These kinds of issues are discussed at length in the archive of court documents and other material available via the (http://mathworld.wolfram.com/docs/legal.html) Wolfram Web site.

The plaintiffs demanded a preliminary injunction shutting down the MathWorld Web site, and after the usual round of filings from both sides, (http://www.ilcd.uscourts.gov/00-2262.pdf) such an injunction did issue. The Web site was shut down on October 23, 2000, and replaced by a short note explaining that the site was closed due to court order. This news was greeted with outrage by the mathematicians, many of them students, who used MathWorld. The following quote, typical of the mathematical community's reaction to the preliminary injunction, is from the present author's October 25, 2000 (http://ansuz.sooke.bc.ca/crcpress.txt) letter to CRC Press:

You have squandered my goodwill with your lawsuit against Eric Weisstein and his MathWorld Web site at http://mathworld.wolfram.com/. I can no longer in good conscience buy or recommend your products; nor would I be likely to consider CRC Press as publishers for my own work.

As of the present writing in August 2001, the site remains closed. The court case has been suspended since December 7, 2000 (a period of more than eight months), with mediation supposedly in progress. Little or no information is publicly available regarding the current status of any such mediation. As usual in such cases, "mirrors" of the removed material are still available on the Net, but (partly because of successful anti-mirroring measures undertaken before the site was removed, and perhaps also because the ethical issues are unclear) the mirrors are much harder to find than, for instance, mirrors of cp4break.zip.

For the purposes of the present submission, these are the points we wish to highlight about the MathWorld case:

It is not clear whether the publishing contract, a standard one used by CRC Press for publishing many printed books, did or did not apply to the Web site.

The existence of a "making available" privilege might have made the case easier to adjudicate: the Web site would appear to fall into the category of "making available" and so the dispute could focus on whether that privilege was one of the ones in the contract, instead of having to visit the more difficult question of whether the Web site was the same "work" as the book.

The preliminary injunction, a practice designed for temporary suspension of legally disputed activities in a judicial emergency, has now resulted in the shutdown of the Web site for more than eight months, with no end in sight. Imagine how much worse this situation could be in a "notice and take-down" regime.

The cp4break, Sklyarov, and DeCSS cases all involved circumvention of DRM technology embodied in copyrighted computer software. As we have already described, software is a form of expression, necessarily a rather intangible thing. In the SDMI Challenge case, the technology being circumvented was embodied in something even more intangible: Dr. Felten and his team were threatened for circumventing the very mathematical ideas of a DRM system. Ideas, of course, are not subject to copyright at all, although they may be subject to patent.

We now consider a case where something rather more tangible was circumvented. This case involves a device called a ":CueCat" (the colon is part of the name) produced by a U.S. company called Digital Convergence. A :CueCat is a plastic device shaped like a stylized cartoon cat. At one end is a cable through which it can be attached to a computer's keyboard port; at the other end is a bar code reader. These devices were intended to be distributed at no charge in Radio Shack stores and with some magazines.

The Radio Shack catalogues were printed with special bar codes, one for each product depicted. Some advertisements in the magazines also bore the codes. Consumers could swipe the barcode symbols with their :CueCats, and (by means of software supplied on a CD-ROM) that would cause their computers to automatically connect to the Web and download further advertising for the products. The :CueCats could also read the familiar Universal Product Code (UPC) symbols printed on most consumer goods (the same ones used by supermarket check-out scanners), so a consumer could swipe almost anything and get to a Web page describing the thing.

Digital Convergence planned to cover the cost of the freely-distributed barcode scanners, and make a profit, by selling advertising space on the Web pages brought up through the system. They also had plans for extending it to include, for instance, audible "cues" embedded in radio and television advertising. Although they did not advertise this fact, it was also true that every :CueCat had a serial number which was sent with each page request, so Digital Convergence was able to construct a database of exactly which products were of interest to the owner of each :CueCat, and sell the results to marketers. That database raised serious privacy concerns, especially when a security hole allowed intruders to break into the Digital Convergence computers and copy the database.

The :CueCat system was regarded as a fairly stupid idea by reviewers. It was typical of the kind of idea that attracted venture capital in the "dot-com bubble" days of the late 1990s, only to crash and burn when investors began looking for real profits. However, many hobbyists were pleased by the availability of free barcode scanners. A barcode scanner is a useful thing to have attached to one's computer; not as a way to view additional advertising, but for other purposes. For instance, almost every published book bears an extended UPC barcode giving its International Standard Book Number (ISBN). One could catalogue a home library relatively painlessly by just scanning all the books with a :CueCat and looking up the ISBNs in an online database.

So hobbyists undertook to find ways to use :CueCats for their own purposes. Rather than installing the provided software, one group of hobbyists simply connected a :CueCat to a computer, swiped some bar codes, and captured and analysed the signals the device sent to the computer. Noteworthy is that they did not disassemble or otherwise "attack" the :CueCat in order to do this, and they did not open the package containing the Digital Convergence software (thereby arguably invoking the "shrink-wrap" license agreement on that software). Since the :CueCat was offered as a free gift, it would appear that these actions could not possibly be in violation any privileges held by Digital Convergence.

Nonetheless, on August 30, 2000, the New York law firm of Kenyon and Kenyon, representing Digital Convergence, sent an oddly-worded letter ((http://nc.flyingbuttmonkeys.com/useofthingsyouownisnowillegal/letter-1.jpg) Page 1, (http://nc.flyingbuttmonkeys.com/useofthingsyouownisnowillegal/letter-2.jpg) Page 2) to some of the hobbyists, full of vague but obviously hostile rhetoric such as "[C]ertain services/information being offered [. . .] are in conflict with intellectual property rights owned by Digital Convergence." and "The longer that Flyingbuttmonkeys.com continues its improper activities, the longer damages will accrue." When invited to explain exactly what intellectual property privileges were being violated (for instance, in a (http://nc.flyingbuttmonkeys.com/~rothwell/kenyon.pdf) September 7, 2000 letter from Michael Rothwell), the law firm responded with (http://nc.flyingbuttmonkeys.com/images/kenyon-reply.jpg) a second letter that failed to answer the question but repeated the vague claim of some sort of intellectual property infringement. Some quotes from that letter:

We observe that your Web site continues to post material that infringes upon the intellectual property rights of our client, Digital Convergence. [. . .] We request that you remove immediately those portions of the Web site that contain unauthorized or illegal misappropriations of Digital Convergence's intellectual and proprietary rights, or which assist or induce others to do so. We will continue to monitor your Web site's activities and take all appropriate actions, if necessary.

So although Digital Convergence was willing to claim some intellectual property privileges, and hire lawyers to defend them, they were unwilling to explain exactly what privileges they claimed. Some light could be shed on the scope of Digital Convergence's claims by the following quotes from the :CueCat (http://www.crq.com/web/compinfo/compinfo_templ.cfm?view=enduser) license agreement:

You agree to the terms and conditions of this license by performing ANY OF THE FOLLOWING ACTIONS: (1) using the :CRQ software; (2) using the :CueCat reader (3) pressing the "agree" button below; OR (4) printing out a copy of the agreement, signing the agreement and returning a copy to Digital:Convergence(TM).

[. . .]

The :CueCat reader is only on loan to you from Digital:Convergence and may be recalled at any time. Without limiting the foregoing, your possession or control of the :CueCat reader does not transfer any right, title or interest to you in the :CueCat reader. Except as expressly permitted in this License, you may not reverse engineer, disassemble, modify, rent, lease, loan, sublicense, or distribute the :CueCat reader. In any event, you will notify Digital:Convergence of any information derived from reverse engineering or such other activities, and the results thereof will constitute the confidential information of Digital:Convergence that may be used only in connection with the :CRQ software and :CueCat reader.

[emphasis added]

That Digital Convergence was willing to issue threats to a wide range of people in defense of these kinds of claims is well documented on Web sites like that of (http://nc.flyingbuttmonkeys.com/useofthingsyouownisnowillegal/) Michael Rothwell. More vague posturing can be seen in comments they submitted to Slashdot. The theory apparently underlying the claims is remarkable: Digital Convergence says that they can give consumers :CueCats for free, but still own the :CueCats and exercise contractual obligations over the recipients, even though the recipients never agreed to any such obligations except implicitly by using the devices. That goes far beyond the already-questionable "shrink-wrap" and "click-wrap" license agreement concepts, where consumers supposedly "agree" to legally binding license terms merely by opening diskette packages or clicking on Web links.

When the scanners were distributed at Radio Shack, recipients were told that the devices were free gifts. The license agreement existed only on the accompanying CD-ROM, which many users never opened. Nonetheless, the agreement was claimed to be binding on users of the :CueCat scanners. Some hobbyists have claimed that in the case of the scanners distributed with magazines, such a contract violates U.S. law, specifically the United States Code, Title 39, section 3009, which stipulates that any unordered merchandise sent by mail may be treated as a free gift by the recipient.

This case developed oddly because before any of the threats could escalate to legal action, Digital Convergence's poorly-thought-out business model caught up to them. The company appears to now be in "Chapter 11" bankruptcy protection, no longer pursuing the purported violators of its privileges. In the meantime, all the usual things happened: most of the hobbyists threatened removed their sites from the Web for fear of litigation, others mirrored the content all over the world, and the case became a topic for discussion in online media; for instance, the news site cnet.com ran an interesting article about it. For the present submission, we wish to draw attention to these points:

Digital Convergence claimed to be able to bind consumers to licensing terms just by giving them free barcode scanners.

Such licensing terms may have been illegal under U.S. postal regulations regarding unsolicited merchandise.

Use of the scanners for any but the manufacturer's intended purposes was claimed to be violation of "intellectual property" privileges, although Digital Convergence never deigned to reveal exactly which of their privileges they thought were being infringed.

The intended purpose of the :CueCat scanners threatened privacy rights, due to the collection of an extensive database tying product interests to demographic data.

Despite being vague and legally questionable, the mass mailings were successful in shutting down many hobbyist sites.

Nonetheless, hobbyist-written :CueCat software (for tasks like home library indexing) was and is widely available, even though :CueCat scanners themselves are now hard to find because of the failure of Digital Convergence.

Our last case is not particularly a "new media" case, but it illustrates the fact that copyright overextension affects all forms of work. Margaret Mitchell's novel Gone With the Wind is of course well-known, as is the motion picture of the same name starring Clark Gable and Vivien Leigh. In 2001, the Houghton Mifflin publishing company proposed to publish a novel called The Wind Done Gone, by Alice Randall; a parody of Gone With the Wind written from the slaves' point of view. They were promptly sued by Suntrust Bank, the current holders of the copyright privileges to the Mitchell novel. An extensive archive of court documents is available on the Houghton Mifflin Web site.

The claim of the lawsuit is that the Randall novel is somehow a "derivative work" from the Mitchell novel, and therefore cannot be published without the permission of the Mitchell estate. Such a claim flies in the face of the longstanding protection of parodies as fair dealing (called "fair use" in the U.S.A.). As discussed in the Houghton Mifflin Q&A page for this dispute:

Parody is a cherished form of speech protected by both "fair use" and First Amendment [see also Canadian Charter of Rights and Freedoms] principles. It's allowed as long as it criticizes or in some other way transforms the prior work, and as long as its use of elements from the prior work is reasonably related to its critical purpose. Certainly Randall's book transforms the way we read and remember Gone With the Wind.

Worthwhile commentary on this case is also included in a San Jose Mercury News column of April 24, 2001, by Dan Gillmor. For the present submission, we only wish to emphasize the following point:

Even in the print medium, overextension of copyright privileges can be used to suppress free expression inconvenient to the privilege holders.

The author successfully defended his Master's thesis in Computer Science at the University of Victoria, August 22, 2001. He also holds a B.Sc. in Computer Science and Mathematics Combined, with distinction, from the same institution. In September 2001 he will begin studying towards a Doctorate in Computer Science at the University of Waterloo. The author is the recipient of an NSERC Postgraduate Scholarship, the highest level of scholarship support available to Canadian graduate students. Such scholarships are awarded for academic merit alone, by a tough competitive process.

As well as his thesis, titled Generation of Graphs Embedded on the Torus, and the notorious work on Cyber Patrol described above, this author's academic publications include a paper entitled (http://ansuz.sooke.bc.ca/limdiff.html) A Limited-Diffusion Algorithm for Blind Substring Search , which won the "Best Student Paper" award at the 10th Annual Canadian Information Technology Security Symposium, sponsored by the Communications Security Establishment, the agency of the Federal Government responsible for code-breaking and similar activities. Matthew Skala is also listed as a co-author of (http://www.aft.pfc.forestry.ca/igarss99/SEIDAM_Monitoring.html) a paper presented at the International Geoscience and Remote Sensing Symposium 1999 (IGARSS'99), while he was employed by a Natural Resources Canada research group. In early 2001, he presented a talk on his Master's thesis research at the 32nd Southeastern International Conference on Combinatorics, Graph Theory, and Computing, in Baton Rouge, U.S.A.

This author's electronic publications include numerous short stories (for instance, (http://ansuz.sooke.bc.ca/jpickett.html) The Reverend John Pickett and the damage done, and (http://ansuz.sooke.bc.ca/lei.html) He lei nalu ho`okahi) and a novel entitled (http://ansuz.sooke.bc.ca/crossproduct/) Cross Product; also contributions to the free GNU Privacy Guard security software and many other free software packages. Organizational affiliations include the IEEE (student member), Big Blue and Cousins (a local computer users' club, former Systems Director), and the Victoria Linux Users' Group (founding Secretary). The author has received awards including the Boy Scouts of Canada Chief Scout's Award, the highest award in Scouting; the President's Choice Volunteer of the Month award from Big Blue and Cousins; and the Honorary Teenager award from Peacefire, for work advancing the rights of youth.

This submission is inspired by the author's belief in the goddess Pele, representing the fire of creation. Let that fire stir in each heart touched by these words. This submission is released to the public domain.

As we have described, copyright protection began as a government protection of the printing industry's economic monopoly, justified on the grounds of religious censorship. That is no longer an acceptable justification for protection of copyright privileges. We prefer the more modern idea that copyright is a privilege created to encourage the production of new work. We also note that the concept of copyright as a natural right was never the basis for copyright law. Given that copyright is a bundle of artificial privileges created for policy reasons, any expansion of copyright privileges must be carefully scrutinized. To be acceptable, proposed expansions must truly advance the claimed policy goals, and must also pass Constitutional muster. We note that freedom of expression is Constitutionally protected and intellectual property such as copyright is not; therefore, freedom of expression must come first.

In the context of the present discussion, we consider digital rights management (DRM) and its protection as the most important issues facing Canadian policymakers today. We suggest that no level of legal backing for DRM restrictions is appropriate. DRM exists to enforce the wishes of privilege holders, not the law; and privilege holders may well wish for enforcement of restrictions they are not allowed to enforce under copyright law. DRM also implicates issues of privacy and accessibility for the disabled. We have given numerous case studies of how enforcement of privilege holders' restrictions has lead to public debacles in the U.S.A., especially when the Digital Millennium Copyright Act has been invoked. We urge Canada not to make the same mistakes.

We also note that Internet Service Provider (ISP) liability is a serious concern and has lead to problems both for ISPs and their customers. We are especially interested in the question of liability for Web links to arguably illegal content, and we emphasize the fundamental legal problems inherent in notice and take-down regimes. Plaintiffs should not have the ability to write their own temporary restraining orders without the authority of a judge. In our question and answer section, we give answers to all the points highlighted in the Government Consultation Paper on Digital Copyright Issues. In closing, however, we wish to say again that our most important point is that any legal protection of DRM is inappropriate, as a limit on freedom of expression contrary to the Constitution. Any discussion of copyright must begin and end with freedom of expression.

Submission of Matthew Skala to the Intellectual Property Policy Directorate, Industry Canada, and the Copyright Policy Branch, Canadian Heritage, in response to the June 22, 2001 discussion papers.

Executive Summary (350 words)

The most important point made in this submission is that digital rights management (DRM) technology should not and cannot be protected by Canadian law. DRM should not be protected because such protection would harm Canadian policy goals; and DRM cannot be protected because such protection would be contrary to the Constitution. DRM has been protected by recent U.S. legislation, in particular the Digital Millennium Copyright Act (DMCA), with disasterous results; we urge Canada not to repeat the U.S. mistakes.

Copyright law originally existed to promote censorship of religious material. Later intellectual property protections attempted to serve the public good by encouraging creation of new work. Throughout history, copyright existed as a privilege created for policy reasons rather than as a natural right. At this time large corporations claim that sweeping expansion of copyright is necessary to protect the supposed natural rights of authors. We claim that those natural rights do not exist, and also that expansion of copyright would harm Canadian policy goals. Furthermore, freedom of expression is protected by our Constitution, and intellectual property is not, so freedom of expression must come first.

A "making available" privilege is unnecessary at this time and would create problems due to ambiguity. We strongly oppose legal protection of "digital rights management" (DRM) technologies. As well as failing Constitutional muster, protection of DRM would harm Canadian competitiveness by creating a "brain drain" to other nations with less oppressive rules. It could also harm privacy rights, and reduce accessibility for the disabled. Protection of "rights management information" is difficult because it is hard to separate from DRM. We also explore issues of Internet Service Provider (ISP) liability, and how the creation of "notice and take-down" regimes gives plaintiffs in copyright cases the ability to write their own temporary restraining orders without a judge.

We conclude with case studies of copyright overextension in the U.S.A., and some biographical notes and contact information. We urge Canada not to make the same mistakes as the U.S.A., not to overextend copyright privileges against the Constitution, and especially not to protect digital rights management technologies with poorly thought-out legislation.

Any discussion of copyright must begin and end with freedom of expression. As affirmed in the Canadian Charter of Rights and Freedoms, Section 2. b), everyone has the right to "freedom of thought, belief, opinion and expression, including freedom of the press and other media of communication". This freedom is guaranteed, in Section 1, "subject only to such reasonable limits prescribed by law as can be demonstrably justified in a free and democratic society" (emphasis added). Any law that could limit freedom of expression must then be so justified.

Legal protection of intellectual property has existed for more than four centuries, and during that time, it has been placed on three distinct foundations. We examine those three foundations in this section, each in its own historical context: first, intellectual property as a means for censorship and to promote an economic monopoly; second, intellectual property for the benefit of writers and other creators; and finally, intellectual property as a means of increasing the body of public domain material, for the common good. We then discuss some proposed changes to copyright law in Canada, and relate those changes to the historical foundations of intellectual property.

The concept of "copyright" originated in the tradition of English common law, most especially the charter of the Stationer's Company, issued by Queen Mary I in 1556. A monopoly on publication was reserved for a few selected master printers, all books published had to be recorded in a special register, and importation and sale of foreign books was prohibited. By entering the name of a work in the register, a publisher secured the exclusive privilege of publishing that work. The entry in the register was called a "copy", and the exclusive publication privilege was what became known as "copyright". There was no limit to the term of the privilege, and the legal entrenchment of it was merely a codification of the pre-existing "gentlemen's agreements" among members of the Stationer's Guild, which was already acting to protect its own monopoly on publishing.

The five volumes of A Transcript of the Registers of the Company of Stationers of London 1554-1640 A.D., edited by Edward Arber, privately printed in London in 1875, and reprinted by Peter Smith of Gloucester, Massachusetts in 1967, form an invaluable reference for the history of the Stationer's Company, and we draw heavily from them in what follows. First of all, let us consider the reasons for forming the Stationer's Company. It is clear that the Stationer's Guild sought legal backing for its unofficial monopoly in order to maximize its own profits; but Her Majesty's motives in granting that backing were somewhat different. Consider the following quote from the preamble to the Charter of the Company, translated by Arber from its original Latin.

Know ye that we, considering and manifestly perceiving that certain seditious and heretical books rhymes and treatises are daily published and printed by divers scandalous malicious schismatical and heretical persons, not only moving our subjects and lieges to sedition and disobedience against us, but also to renew and move very great and detestible heresies against the faith and sound catholic doctrine of Holy Mother Church, and wishing to provide a suitable remedy in this behalf[. . .] (Arber, volume I, page xxviii)

Queen Mary might well have worried about "sedition and disobedience", considering the circumstances of her own succession to the throne. Just a few years before the formation of the Stationer's Company, she had imprisoned and then executed her predecessor, Lady Jane Grey, who had reigned as Queen for only nine days at the age of seventeen after assuming the throne unwillingly under somewhat unusual circumstances. Although Mary was the popular favourite to be Queen, we could suppose that she would have cause to be concerned about the dissemination of certain ideas relating to the monarchy.

Furthermore, Mary was known as an enthusiastic Roman Catholic. She was notorious for burning Protestants at the stake, a habit which earned her the nickname "Bloody Mary". She issued proclamations against books critical of the Catholic Church, for instance on June 13, 1555 (Arber, volume I, page 52), naming a long list of forbidden books and authors and authorizing searches of the homes of suspected holders of those books; and on June 5, 1558 (Arber, volume I, page 92), which we quote almost entirely here:

Whereas dyuers bokes filled bothe with heresye, sedityon and treason, haue of late, and be dayly broughte into thys Realme, oute of forreine countries and places beyond the seas, and some also couertly printed within this Realme, and cast abroade in sondrye partes thereof, whereby not onely God is dishonored, but also an encoragemonte giuen to disobey laweful princes and gouernors. The Kyng and Quenes Maiesties, for redresse hereof, by this ther present proclamation declare and publyshe to all their subiectes that whosoeuer shal after the proclaymyng hereof, be founde to haue any of the sayde wycked and seditious bokes, or finding them, doo not forthwith burne the same, without showing the readyng the same to anye other person, shall in that case be reputed and taken for a rebell, and shall without delay be executed for that offence accordynge to th ordre of marchall lawe.

In the reprinted Arber book, this is described as a proclamation in which Mary "fairly out-Herods Herod; and clearly shows from what extremities of misery England was delivered by [her] death in the following November." But full deliverance was slow in coming, because on November 10, 1559 Queen Elizabeth I issued a Confirmation of the Stationer's Company Charter, reaffirming everything in it (Arber, volume I, page xxxii).

The practice of banning and burning "seditious" books continued, as shown for instance in a Star Chamber Decree of June 29, 1566 (Arber, volume I, page 322). The Decree prescribed forfeiture of the offending books, three months imprisonment, and a permanent suspension of the right to print books, for anyone guilty of printing banned books. That Decree also gave officers of the Stationer's Company comprehensive police authority to search and inspect warehouses, bookshops, and almost everywhere else, in seeking violations of the prohibition.

One such search was conducted February 21, 1569, of the study of one John Stowe, and an account of the search including a "Cataloguy of such vnlawfull bookes as [the searchers] found" is presented by Arber (volume I, pages 393-394). With the new Queen, the official position on religion had changed, and the "vnlawfull bookes" were primarily those promoting Roman Catholic doctrine. Eight days later, on March 1, 1569, Elizabeth issued a proclamation (Arber, volume 1, page 430) setting out a twenty-eight day grace period for her subjects to turn over forbidden books to the local religious authorities, "vpon payne of her Maiesties greeuous indignation" and severe punishment to be determined on a case by case basis.

Sterner measures, including indefinite imprisonment for keepers of seditious books, were prescribed in a Proclamation issued July 1, 1570 (Arber, volume I, page 452). That Proclamation included a number of interesting details, including a special provision for how an illiterate person ought to deal with books of unknown content, and a "safe harbour" provision to protect and reward finders of seditious material in exchange for their cooperation in apprehending others.

We note two more items from this era. First, several notes from June 1599 (Arber, volume III, pages 677-678) describe the banning and burning of a list of books including the suggestive titles Marriage and wyving and 15 Joyes of marriage, which suggests that by this time the censorship, originally political and religious, may have spread to issues of public morality as well. Naturally, the two books mentioned are not available for modern-day examination as to their nature. Finally, a curious memorandum from July 14, 1617 (during the reign of King James I) is reproduced below in its entirety.

MEMORANDUM That I Gervase Markham of London gent Do promise hereafter Neuer to write any more book or bookes to be printed, of the Deseases or cures of any Cattle, as Horse, Oxe, Cowe, sheepe, Swine and Goates &c In witness whereof I haue herevnto sett my hand the 14th Day of Julie. 1617./

Geruis Markham

(Arber, volume III, page 679)

Why such a promise would be important is not clear. The memorandum seems reminiscent of the promises extracted from this author and Eddy Jansson in the course of the cp4break affair described below. We can only guess at the events leading up to the recording of that item; nonetheless, it seems useful as evidence that by the Seventeenth Century, censorship administered by the Stationer's Guild had spread to a wide range of topics.

It is clear that censorship for political, religious, and other purposes was the Royal rationale for legal recognition of intellectual property privileges in the days of Queens Mary and Elizabeth I. Such censorship is not a highly valued goal of present-day Canadian law; indeed, it is anathema to the "free and democratic society" mentioned in Section 1 of the Charter of Rights and Freedoms, and to the principles embodied in several other places in our Constitution. The final words for this subsection are quoted from a single extremely long-winded sentence in Arber's introduction to the reprinted Registers:

It may therefore be a most worthy study [. . .] to trace the gradually encroaching power [. . .] gagging the press, as a means of fettering and regulating the human mind; to trace with delight the inevitable reaction from such coercion in secret printing; [. . .] pointedly to mark out the secretly printed books [. . .] as so many effective protests against the edict of mere coercive Authority, 'Thou shalt not say,' or as it is sometimes also insolently, though in vain, reached forward to realize, 'Thou shalt not think for thyself.' (Arber, volume I, page xv)

A document popularly called the Statute of Queen Anne or, more fully, An Act for the Encouragement of Learning, by Vesting the Copies of Printed Books in the Author's [sic] or Purchasers of Such Copies 8 Anne, c. 19 (1709), is widely regarded as the first "modern" copyright law. Some commentators even describe this statute as the first copyright law of any kind, although as described above, the Charter (and before that, the unofficial practices) of the Stationer's Company represented an earlier form of intellectual property protection.

What makes the Statute of Queen Anne "modern" is its relatively enlightened purpose. Bloody Mary's intellectual property laws were clearly intended to support censorship of religious and political books, and embraced by the publishers because of the economic monopoly they conferred. The purpose of the new law, enacted in 1709 and coming into force in 1710, is described by this quote from its preamble:

Whereas printers, booksellers, and other persons have of late frequently taken the liberty of printing, reprinting, and publishing, or causing to be printed, reprinted, and published, books and other writings, without the consent of the authors or proprietors of such books and writings, to their very great detriment, and too often to the ruin of them and their families: for preventing therefore such practices for the future, and for the encouragement of learned men to compose and write useful books[. . .]

So with this Statute the emphasis shifted considerably, from protecting the political interests of the Throne and the publisher's monopoly, to supporting creators of literary works. There is also the added goal of "the encouragement of learned men to compose and write", which foreshadows the early U.S. theory of copyright we shall discuss in the next subsection. Even with the focus on the authors, however, it is not clear that this Statute claims copyright to be anything other than an artificially-created legal privilege. The theory of absolute control as the natural God-given right of creators did not arrive until much later.

There are several other provisions we should like to highlight in the Statute of Queen Anne. The Stationer's Company was allowed to retain its monopoly for another 21 years on the books already in its register, evidence that even in the Eighteenth Century, the publishing cartel had political power to influence lawmaking. That register was to remain in use for new works also, but now merely as a means for privilege holders to record and thereby secure their privileges, which were to last 14 years from first publication. There is no mention of censorship, or language against "sedition and heresy", in the Statute. On the contrary, the clerk of the Company was required to accept all new listings, with a fine of twenty pounds for failure to do so. Other provisions against the Stationer's Company monopoly include a procedure for buyers of books to complain about excessively high prices and a long list of officials authorized to force a reduction in price in such cases.

Another interesting item is a special consideration for universities. This provision could be seen as a forerunner to the modern idea of "fair dealing" for academic and educational purposes. In the Statute of Queen Anne the special position of the academic community is acknowledged as follows:

IX. Provided, That nothing in this act contained shall extend, or be construed to extend, either to prejudice or confirm any right that the said universities, or any of them, or any person or persons have, or claim to have, to the printing or reprinting any book or copy already printed, or hereafter to be printed.

The third major foundation for intellectual property protection comes from a desire to reward authors, not primarily for their own benefit (as in the Statute of Queen Anne) but to provide an incentive for creation of new work for the public good. This foundation was enshrined in law in the Constitution of the U.S.A., which went into effect in 1789. It is this foundation that we consider the most appropriate basis for copyright law today. Obviously, we should prefer to use the Canadian Constitution as a source; but there is no intellectual property protection in the Canadian Constitution. That issue is discussed later.

The U.S. Constitution empowers Congress (their approximate equivalent of Parliament) "[t]o promote the progress of science and useful arts by securing for limited times to authors and inventors the exclusive right to their respective writings and discoveries." (Article I, Section 8, Clause 8, usually called "The Copyright Clause".) This clause is noteworthy because it singles out intellectual property as something about which Congress can and should make laws, worthy of note in the Constitution. That section includes, in sequence, six clauses about financial powers, one each for establishing a postal system, intellectual property protections, and a court system, a clause respecting piracy on the high seas, six clauses about military powers, and finally two clauses granting general powers over Federal lands and lawmaking. That they mentioned intellectual property on this list, and before such important matters as the court system and the military powers of Congress, speaks for how important these people considered "the progress of science and useful arts".

The Copyright Clause is also noteworthy for what it does not say. The framers of the U.S. Constitution were people who had no qualms about characterizing some rights as God-given or inalienable; their proceedings are full of that kind of rhetoric. But they did not so describe the form of intellectual property protection created by their Copyright Clause. On the contrary, they gave Congress the power to enact intellectual property protections only "for limited times" and "[t]o promote the progress of science and useful arts", clearly indicating that they understood copyright as a privilege created by the law for the specific purpose of encouraging creators, not as a natural right needing only to be acknowledged and protected by the law.

The status of intellectual property as an artificial privilege created for policy reasons is well described in a letter of Thomas Jefferson to Isaac McPherson dated August 13, 1813. The strong language of this letter becomes more than slightly ironic when considered in light of more recent U.S. copyright history, discussed in the next subsection of our submission.

It has been pretended by some, (and in England especially,) that inventors have a natural and exclusive right to their inventions, and not merely for their own lives, but inheritable to their heirs. But while it is a moot question whether the origin of any kind of property is derived from nature at all, it would be singular to admit a natural and even an hereditary right to inventors. [. . .] If nature has made any one thing less susceptible than all others of exclusive property, it is the action of the thinking power called an idea, which an individual may exclusively possess as long as he keeps it to himself; but the moment it is divulged, it forces itself into the possession of every one, and the receiver cannot dispossess himself of it. Its peculiar character, too, is that no one possesses the less, because every other possesses the whole of it. He who receives an idea from me, receives instruction himself without lessening mine; as he who lights his taper at mine, receives light without darkening me. That ideas should freely spread from one to another over the globe, for the moral and mutual instruction of man, and improvement of his condition, seems to have been peculiarly and benevolently designed by nature, when she made them, like fire, expansible over all space, without lessening their density in any point, and like the air in which we breathe, move, and have our physical being, incapable of confinement or exclusive appropriation. Inventions then cannot, in nature, be a subject of property.

Jefferson goes on to describe how a limited monopoly (i.e. copyright) may be desirable as a matter of public policy to encourage innovation, "but, generally speaking, other nations have thought that these monopolies produce more embarrassment than advantage to society[.]" So it is clear that one of the same issues we find interesting, of whether copyright is a natural right or a formal privilege created for policy reasons, was an issue of interest even in 1813; and even then, people like Jefferson were drawing the same conclusions we draw. Recall that copyright was always used to promote public policy: first the policy of censorship in the reigns of Mary I and Elizabeth I, then in 1709 the pleasanter-sounding goal of rewarding creators set forth in the Statute of Queen Anne. But even in that Statute, one stated purpose was "for the encouragement of learned men [and women!] to compose and write useful books", for the public good. Copyright was not historically designed as a protection of some God-given natural right to control creation.

Copyright took on new meaning in the Twentieth Century as technological developments made possible copying of work on a large scale by end-users. Also, the introduction of technology for recording audio and video made copyright on works other than books far more relevant. One significant development, the Berne Convention of the 1970s, represented an effort to standardize intellectual property protections globally. Note that the Berne Convention extended copyright to the life of the original author plus 50 years, far more than the fourteen years from publication prescribed by early legislation like the Statute of Queen Anne.

The introduction of the video cassette recorder (VCR) was also significant, for its transformation of how the public consumed motion pictures. Video cassette recorders sparked the famous Betamax lawsuits (1976-1984), described amusingly on the (http://www.sony.co.jp/en/Fun/SH/1-14/h2.html) Web site of the Sony corporation as a series of cases in which "consumers won the right to freely enjoy video tape recorders at home." Sony, the manufacturer of Betamax VCRs, was sued by major holders of television copyright privileges on the theory that by selling equipment capable of recording television shows, Sony was aiding infringement of the copyright privileges in those shows. After years of legal proceedings, the fair dealing rights of consumers to tape shows for later viewing were eventually upheld. How ironic that a few years later, Sony would become a leading member of the Secure Digital Music Initiative, arguably dedicated to preventing consumers (by means of DRM technology) from freely enjoying digital audio recorders at home.

In the 1980s and 1990s, home computers became a significant force, and they raised new copyright issues. Computers as copying machines captured very little attention when home computers existed essentially in isolation, with physical exchange of diskettes the only means for copying data from one machine to another. The hard-fought war of the 1980s, between computer hobbyists and manufacturers of "copy protection" software, attracted almost no attention outside the computing community. But in the 1990s, when a larger segment of the public began using computers and modems and the Internet allowed computers to exchange data much more efficiently, consumer copying of digital media (especially music) became a significant issue.

The U.S. Digital Millennium Copyright Act (DMCA), passed in 1998 with its enforcement suspended for the first two years pending review, is well known to the copyright reform community. For our purposes, the most interesting aspect of the DMCA is its criminalization of "trafficking in [DRM] circumvention devices". As cases like SDMI Challenge show, such "trafficking" is considered to include things like academic conference presentations, and other activities not previously viewed as criminal.

Less relevant to new media but also interesting is the Sonny Bono Copyright Term Extension Act, also passed in the U.S. in 1998, in which many copyright terms in the U.S. were extended to 20 years beyond the Berne Convention limit. (The name derives from the late U.S. Congressman Sonny Bono, who died shortly before the law was introduced and had no other connection to it.) Some commentators have speculated that this extension was motivated primarily by lobbying from the Walt Disney Corporation, attempting to keep its monopoly on the Mickey Mouse character. The first Mickey Mouse cartoon's copyright would otherwise have expired in 2003. This law is of interest as an example of how corporate interests can create a call for otherwise-unnecessary "reforms". It is hard to imagine how the extension, flying in the face of international treaty provisions, could "promote the progress of science and useful arts", the supposed justification for copyright under the Copyright Clause of the U.S. Constitution.

Both extensions are instead put forward on a different justification: the idea that copyright is a natural right of authors to control their works. Existing copyright laws exist to protect this natural right, so the claim goes, and new technology represents a new threat, demanding expansion of the privileges in the copyright bundle in order to compensate. That line of reasoning is supported by the popular misconception that copyright is a right because the word "copyright" includes the word "right". It is evident in rhetoric about "pirates" who "steal" copyrighted work; any talk of theft implies that the thing being stolen was susceptible to being owned in the first place.

But that was never the basis for copyright law, and as discussed in the previous section it was explicitly rejected, for instance by Jefferson, during the time when existing copyright laws were framed. Previous copyright laws were always based on the idea of a legislated privilege created where no natural right exists. Enough time has elapsed since the origins of copyright law that today few people remember exactly where it came from. So in the two U.S. copyright extensions of 1998 (the DMCA and Sonny Bono laws), we see a fourth justification for copyright: as a protection for some natural right against the forces of evil embodied in new technology.

The most interesting developments since 1998 have been driven by court cases, also mostly based in the U.S. but sometimes (as in cp4break and the Sklyarov case) dragging in citizens of other countries. Those two and several other cases are described in our section of case studies below. One common thread in such cases is the extension of U.S. copyright law to cover matters not formerly considered to implicate copyright, such as the publication of critical reviews. Another common thread is the extension, again, of U.S. copyright law to cover people not formerly covered by U.S. law at all, such as Canadian citizens working in Canada. We claim that such extensions are extremely dangerous to Canadian values. Thus the title of the present submission: New Media Copyright Extensions Would Harm Canada.

The attack on Canadian sovereignty in copyright law may proceed through many channels, including:

Lobbying by large U.S. corporations for "reforms" to Canadian law, on the theory, somewhat resembling blackmail, that privilege holders will be unwilling to release new music and motion pictures in Canada without stronger "protection".

Calls for protection of privilege holders' natural rights. See discussion below of whether copyright privileges can be called natural rights.

Pressure to interpret the WIPO treaty requirements (not yet ratified in Canada anyway) in the most restrictive way possible, as has been done in the U.S.A.

Intellectual property additions to other treaties, for instance the controversial Free Trade Area of the Americas (FTAA) treaty. See the Electronic Frontier Foundation's (http://www.eff.org/alerts/20010816_eff_ftaa_alert.en.html) action alert on this matter.

As we enter the Twenty-First Century, the situation facing Canadians is that we are beset on all sides by powerful interests seeking to promote the concept of copyright as a natural right, in order to return copyright law to its Sixteenth-Century origins: the absolute monopoly enjoyed by the Stationer's Company in the time of Bloody Mary. We urge the Departments to learn from the mistakes of history instead of repeating them. Copyright should not be bent into a tool for monopolistic corporations to make even more money, especially not at the cost of Canadian sovereignty; it has a much more important purpose to serve. Copyright should be a support, not a limit, to the freedom of expression promised by the Canadian Constitution.

In this section we present some observations about copyright law as it relates to Canada, noting similarities to earlier policies mentioned in the historical section above. The first two observations are general in nature: we note that computer software, like everything else covered by copyright, is necessarily also protected as freedom of expression; and we note that copyright is properly described as a privilege rather than a true right, since it has no Constitutional protection in Canada. These two points combine to support what is probably the most important issue of our submission: that no legislative protection of "digital rights management" technologies is appropriate.

For interest's sake we should like to quote a characterization of the Aboriginal attitude toward ownership of folklore, from the Government's own discussion paper A Framework for Copyright Reform: "The creators of folklore see their work as gifts that no longer belong to their creators once they are shared with the community." We suggest that that analysis should be applied across the board, not just to folklore. There is no relevant difference between folklore and any other copyrightable material. All creative work should be considered primarily as a contribution to our cultural framework and only secondarily as a tool for its creator to make money.

Let us begin with a simple observation. This point should be so obvious as to be beneath mention, but it has been forgotten in some recent debates on copyright and so we reiterate it here: Computer software is a form of expression and therefore protected by the "freedom of expression" guarantee in the Charter of Rights and Freedoms. This question will become relevant in discussing some of the case studies later in this submission; we shall argue that researchers who make statements by publishing computer software should have their actions protected by freedom of expression.

Computer software is a form of written language used by human beings to communicate with each other and to control computers. People called programmers create software by writing lists of instructions describing in detail the functions desired. Those instructions are called "source code". In some cases the source code may be directly executed by a computer, following the instructions one by one; in other cases the source code may be translated to another form called "object" or "binary" code, which is then used by the computer. Translation in the reverse direction is sometimes possible and useful, but usually difficult and not often attempted. Programmers often communicate with each other by exchanging source code, since it provides a convenient medium for expressing ideas relating to computer programs.

Our use of words like "write" and "communicate" is not a metaphor: creation of computer software really is the same kind of act, done with the same general kinds of tools and skills, as creation of books, letters, and other writings. The fact that most Canadians may not be able to read and understand software is no more relevant than the fact that most Canadians may not be able to read and understand a letter written in Inuktitut: both are nonetheless forms of expression and fully protected by the Canadian Charter of Rights and Freedoms.

There are different languages for software (such as C, Perl, and Java) in much the same way that there are different languages for other forms of writing (such as English and French). Software can even be written in languages that are derived from, or subsets of, natural languages like English and French. Since source code can sometimes be executed directly, and object code can sometimes be written directly by human beings instead of through a mechanical translator, the names "source code" and "object code" are approximate at best. Basing policy on a distinction between the two would be a dicey proposition, notwithstanding that some court decisions in the U.S.A. (citations below) have attempted to make such a distinction.

There have been relatively few court decisions on the protection of software as free expression in Canada. Although we certainly do not recommend the wholesale and automatic adoption of U.S. policy here, we would like to mention two court cases: (http://www.eff.org/bernstein/Legal/19990506_circuit_decision.html) Daniel J. Bernstein v. U.S. Department of Justice et al. and Peter D. Junger v. William Daley et al. In both cases, the courts (namely the U.S. Courts of Appeals for the Ninth and Sixth Circuits respectively) were willing to recognize computer source code as a form of speech. They drew a distinction which we consider inappropriate, between source and object code based on the greater "functional nature" of the latter; but the U.S. courts surely acknowledged source code at least, as speech protected under the First Amendment, their equivalent to the free expression guarantee of our Charter.

There is another reason to regard computer software as a form of expression, both in source and object code form: computer software is covered by copyright and protection of expression for the public good is the raison d'être of copyright. It is clear from the legislative history that copyright does protect computer software and that this is no accident. The Canadian Intellectual Property Office's own Web site includes a timeline describing how in 1988 the Copyright Act was amended to specifically clarify that it does protect computer software.

The protection of software by the Copyright Act is now enshrined in the definitions of Section 2 of that Act, which definitions mention that the term "literary work" includes computer programs. The Act's definition of "computer program" makes no mention of the (difficult) source versus object code distinction; indeed, it uses the language "a set of instructions . . . to be used directly or indirectly in a computer" (emphasis added), which suggests an intended application to both source and object code. Trivially, anything defined in law as a "literary work" ought to be worthy of Charter "freedom of expression" protection.

We also note that the Copyright Act does not disclude computer programs or anything else from copyright protection solely because of the "functional nature" criterion proposed in the U.S.A., and we suggest that the burgeoning computer software industry would be eager to argue for its position as a "copyright-based industry" under the definition used in the discussion papers. Consider, for instance, cases like the Cyber Patrol reverse engineering case described later in this document; the plaintiffs most assuredly wanted to claim that the software was covered by copyright, and the courts entertained that idea.

Anything that can be copyrighted must be a form of expression and protected by the Charter. Software can be copyrighted. Therefore software is a form of expression and protected by the Charter. Claims that software does not deserve Constitutional protection, coming from the same industry so loudly calling for expansion of copyright protection, seem disingenious at best.

Freedom of expression is Constitutionally protected in Canada, intellectual property is not, and that could be the end of the debate right there. In the U.S.A., copyright and similar laws derive from the "Copyright Clause" in Article I, Section 8 of that nation's Constitution, which specifically empowers Congress "[t]o promote the progress of science and useful arts by securing for limited times to authors and inventors the exclusive right to their respective writings and discoveries." That power must be balanced against the requirement of the First Amendment that "Congress shall make no law . . . abridging the freedom of speech or the press[.]" The ongoing and extremely heated debates over copyright law in the U.S.A. centre largely on how to balance these two sometimes conflicting imperatives.

In Canada, the situation is different because we have only one side of that balance. In Canada we have something like the First Amendment, in section 2. b) of the Charter. But we have nothing like the Copyright Clause. In all the various Acts of the English Parliament, Accords, and other documents making up the Canadian Constitution, there is no specific mention of exclusive privileges to intellectual property. We might believe that intellectual property laws are good for Canada, and so their existence could be justified by the more general powers of Canadian Parliament. Perhaps copyright could also be supported by the broad tradition of English common law on which Canadian law is based. But the explicit Constitutional guarantee of freedom of expression must carry a great deal of weight when compared to such implicit justifications. From the point of view of the Canadian Constitution, freedom of expression exists and copyright does not. In a conflict between the two, freedom of expression must come first.

Why do we as a society tolerate the existence of copyright laws at all? Surely everyone has the natural right to talk about any ideas they may encounter; everyone has the natural right to write words on paper and create mathematical structures such as computer programs. These acts do not suddenly become immoral just because somebody else wrote the same words first. Parents do not literally own their children, slavery being illegal in Canada; neither do creators literally own their work. How can something intangible be owned in the same way that inanimate physical objects can be owned? It would appear that despite its name, "copyright" is not a natural right. Why, then, does it exist?

The answer is that copyright per se falls under the exemption of Section 1 of the Charter. We, as a society, have agreed that copyright law in its current form is a "reasonable limit . . . demonstrably justified in a free and democratic society". Everyone benefits from the existence of publicly-available creative work. In order to encourage the creation of such work, we create an artificial incentive. In return for creating and publishing creative work, society gives creators a bundle of special privileges called "copyright". Some of those privileges, for instance the privilege of restricting duplication of a work, run counter to freedom of expression. Privileges under copyright law can only be granted to the extent that they encourage creation of new work, and (for copyright privileges that restrict others' expression) to the extent that creation of new work is more important than freedom of expression.

We emphasize that copyright is a bargain: creators get extra privileges (especially privileges to restrict use of creative work) which they would not enjoy under natural law, in exchange for making their work publicly available. If privilege holders attempt to keep the work to themselves, applying to it the kind of "ownership" that one might have over physical possessions, then they are breaking the terms of the bargain and should forfeit their copyright privileges. Copyright is not a natural right like the natural rights of Section 2 of the Charter; copyright is an artificial construction created in violation of Section 2, under the "reasonable limits" exemption of Section 1. Copyright can only exist to the extent that it remains a reasonable limit.

This analysis of copyright as an artificial privilege may seem novel and bizarre to readers accustomed to thinking of copyright as a natural or "God-given" right. We contend that our analysis is the correct one. From copyright's beginnings in the Sixteenth Century, through to the Nineteenth Century commentary of Jefferson, copyright was recognized as an administrative creation. Right from the beginning, the Stationer's Guild (and similar monopolies in the New World) acted primarily for its own economic gain, and it is clear that as early as 1813 monopolistic publishers were crying "Protect the natural rights of authors!" as an excuse for legal entrenchment of their practices. Recall also the comments of Arber in 1875 on the dangers of censorship, quoted more fully earlier: "the gradually encroaching power [. . .] gagging the press, as a means of fettering and regulating the human mind[.]" It speaks poorly for the Twentieth Century that in that time such demands were occasionally taken seriously by policy-makers; let us leave that mistake behind as we enter the Twenty-First Century.

The section on legal protection of digital rights management (DRM) technologies in the Consultation Paper on Digital Copyright Issues makes clear that the Departments are already aware of some of the problems with DRM technology; a good thing, because we consider the issue of DRM protection to be the most important one facing copyright reformers at this time. One of this author's colleagues, a graduate student of computer science from Russia, was held for three weeks without bail in a U.S. Federal jail as a result of that nation's misguided Digital Millennium Copyright Act. His "crime" apparently consisted of presenting a lecture on his thesis research. (This is the Sklyarov case described below.) We are reasonably confident that such a thing could not happen in Canada today; we hope that will continue to be true in the future.

The most important single purpose of this entire submission is to make clear that legal protection of DRM technologies would be a singularly bad thing for Canada and Canadians in the long and short term. In particular, we wish to emphasize what a dramatic "shift in Canadian copyright policy" protection of DRM technologies really would entail. Such protection would indeed, just as the Departments suggest, "transform a measure designed for protection into a means of impeding legitimate uses". (Both quotes are from the Consultation Paper.)

First, some background. There are two kinds of restrictions a privilege holder might want to make on use of copyrighted material. First, the privilege holder might want to enforce the kinds of limitations currently described by copyright law. For example, the manufacturer of a video movie might want to prevent customers from selling homemade copies of the movie. The author of a book might want not to have an extensively modified version appear as his or her work. This first kind of restriction seems to be in the public interest: by allowing privilege holders to restrict commercial distribution of the work they sell, and by maintaining the truthfulness of the label as to who wrote what, society creates an incentive for the creation of things like books and movies, and the existence of those things benefits the public.

There is a second kind of restriction that a privilege holder might want to make, however: the privilege holder might want to limit use or distribution in a way not permitted by the present copyright law. For instance, the manufacturer of a video movie might want to prevent customers from watching the recording in a city where it had not yet been officially released. The publishers of a piece of computer software might want to prevent the publication of a review containing a negative opinion about the software. (See the discussion of Cyber Patrol, below, for a concrete example.) These restrictions are not in the public interest. Simple property rights (as to physical objects, not the illusionary "intellectual property") dictate that a customer who legitimately buys a tangible recording should be able to use it anywhere; and the right to publish honest reviews of consumer products is fundamental to the free market.

Digital rights management (DRM) and similar technologies restricting copying and use of copyrighted work are inherently content-neutral. These technologies can help enforce the first kind of restriction, and thereby help the public good. But these restrictive technologies can also help enforce the second kind of restriction, and harm the public good, serving only the interests of the privilege holders. At this time privilege holders are demanding sweeping legal entrenchment of all DRM regardless of its underlying purpose, with penalties for circumvention or even discussion of circumvention. They claim that such entrenchment is necessary in order to secure the public good of the first kind of restriction and maintain the status quo with respect to copyright.

We claim that if DRM technologies were supported with legislation, then privilege holders would in fact use these technologies primarily to secure the second, inappropriate, kind of restriction, to the incalculable harm of the public good. In this report, we document some examples of attempts to use legally-entrenched "new media copyright" for enforcing other restrictions far beyond classical copyright, to the detriment of the public good. These additional restrictions take the form of restrictions on freedom of expression and thus directly implicate the Constitution. Because protection of DRM would infringe the rights guaranteed in the Canadian Charter of Rights and Freedoms, we suggest that the appropriate level of legal protection for DRM is "none at all". Some additional problems with DRM, relating to privacy and to accessibility for disabled persons, are described in the Q&A section below.

Even if we accepted as a legal fiction the idea that there was no conflict between protection of DRM and the freedom of expression guarantee in the Canadian Charter of Rights and Freedoms, even if we agreed that the Government had the Constitutional power to protect DRM against the dissemination of circumvention software, then it would still not be in the Government's interests to use that power. Protection of DRM is an undesirable policy as well as being not Constitutional. If Canada had something like the U.S. DMCA, Canada would become a less attractive place to do research; so research that might be done in Canada would be done elsewhere instead.

Loss of researchers (a copyright-law-driven "brain drain") is not a hypothetical concern. Consider, for instance, that Alan Cox, a noted contributor to the highly successful Linux computer operating system, resigned his position with Usenix ALS, a major technical conference in the U.S., because after the Sklyarov arrest, he feared for his own freedom should he travel to the U.S.A. As he said in his letter to the conference organizers and media, quoted in his declaration for the Felten case, "it has become apparent that it is not safe for non US software engineers to visit the United States." It is unknown how many other researchers have chosen to join Cox's proposed boycott, but his letter was widely distributed and highly regarded in Internet technical circles.

The present author, Matthew Skala, chose not to apply to the PhD programs of any U.S. universities, partly for similar reasons (although that was long before the Sklyarov case began). Instead he applied to four Canadian universities and got acceptances from every one of them, eventually choosing the University of Waterloo; if we had a DMCA in Canada, then Canadian universities would look much less appealing both to Canadian and foreign students. The existence of DMCA-type legislation in any nation will certainly have the effect of driving away research and researchers, to the obvious detriment of that nation's technological competitiveness.

It would be foolish to promote the recorded music and movie industries (whose executives are seldom out begging on the streets due to the supposed piracy epidemic) at the cost of stifling any further development in computer technology by making researchers unwelcome. Again we emphasize that this is not hypothetical or unusual: there are numerous actual cases of scientists threatened or prosecuted for doing research, under the provisions of "new media" copyrights (including the cp4break, Sklyarov, DeCSS, SDMI Challenge, and :CueCat cases), and it is the almost universal feeling among workers in these fields that the DMCA is something worrisome and threatening.

A column printed in IEEE Spectrum, the flagship publication of one of the major international professional organizations for scientists and engineers in the computing field, the June 2001 issue, page 9, discusses the DMCA and the SDMI Challenge case, points out that even software claimed to be directly threatening to U.S. national security is not prohibited in the way that "circumvention devices" are prohibited by the DMCA, and asks "Does the recording industry really need - or deserve - greater legislative protection than the U.S. National Security Agency or U.S. Central Intelligence Agency?" The answer of high-tech professionals is clearly a resounding "No!"

As one final argument against DRM which, although hardly necessary on top of our previous arguments, is simply too entertaining to leave out, we should like to cite the science fiction story The Right to Read by Richard Stallman. This first appeared as an article in the February 1997 issue of Communications of the ACM, which is the flagship publication of the other major international professional organization for scientists and engineers in the computing field. We strongly recommend reading the entire story, but will close this subsection with a brief quote:

Aside from the fact that you could go to prison for many years for letting someone else read your books, the very idea shocked him at first. Like everyone, he had been taught since elementary school that sharing books was nasty and wrong - something that only pirates would do.

The above was published in Communications of the ACM in February 1997, as fiction. In July 2001 it became non-fiction, when Dmitry Sklyarov was jailed for sharing books. We hope that he will not stay there for "many years", and that Canada will not be turned into Stallman's Dystopia by the modern-day incarnations of Bloody Mary's Company of Stationers.

Q: 1. How would a "making available" privilege affect the balances among the various copyright interests?

A: Giving creators an additional privilege to sell obviously gives them one more way to make money from their work and so could be seen as an advantage for them. For publishers, "record labels", and similar stakeholders, a making available privilege appears neutral: finer divisions within the copyright "bundle" allow for more narrowly-tailored business dealings but also can reduce the publisher's options should they change their business model. For the public, the existence of a making available privilege may have some spin-off benefits from the benefits accruing to creators and publishers, but is likely to be detrimental because of the increased confusion as to who is allowed to do what when.

Q: 2. In which respects might such a privilege require limitations or be subject to exceptions?

A: The making available privilege as proposed raises issues because it is not clear what "on demand" means. For instance, some music publishers are considering (or even test-marketing) systems for "electronic delivery" of audio recordings, where a customer pays a fee, downloads a file, and then can listen to it at their leisure, as many times as desired. The concept is that this process is analogous to buying a recorded CD, except that there is no physical object delivered. Is that "on demand communication" for the purposes of the proposed making available privilege? It is intended as a direct replacement for the existing process of buying a CD in a store or by mail order, a process which is surely covered by the reproduction privilege; but the virtually-instant delivery offered by a fast computer network gives it a definite "on demand" flavour.

Similarly, what of a library that places its collections online and allows people to electronically check out and return books or audio recordings, virtually instantly over the Internet? Is that "on demand communication"? It is communication that happens on demand, so the answer appears to be trivially "Yes". Will the library find that its existing rights to lend materials to the public no longer apply with electronic delivery? Should libraries be exempt, and if so, how shall we define "library"?

Making available is described in the consultation paper especially as something of interest for sound recordings. But cases like the MathWorld case below suggest that making available may be an interesting concept in regard to other kinds of materials, too. Rather than attempting to sort out these kinds of issues, we suggest that it is inappropriate to attempt to design a making available privilege at this time. The existing legislation is serviceable as it stands on this point; when the technological situation has matured further, it will be easier to make the correct decisions about making available.

Q: 3. In which respects do existing privileges, e.g., the reproduction privilege, fail to provide a measure of control which is comparable to a distinct "making available" privilege?

A: This question presupposes that some "measure of control" would be appropriate; a point we are not ready to concede. Understanding, however, that we do not necessarily agree with privilege holders: some holders of copyright privileges may want to prevent some uses of creative work that are currently covered by "fair dealing" and free expression. For instance, holders of privileges on music played by online "radio stations" might wish to prevent listeners from recording the broadcasts for later listening, an activity currently protected by law. If the recording and listening occurred on two different computers, with a network between them, then a making available privilege might help copyright holders prevent this form of fair dealing.

Q: 1. Given the rapid evolution of technology and the limited information currently available regarding the impact of technological measures on control over and access to copyright protected material, what factors suggest legislative intervention at this time?

Legislative intervention to protect technological measures is only suggested by the financial interests of the large corporations calling for such intervention, the modern incarnations of the monopolistic Stationer's Guild as it existed in Bloody Mary's time. Even if legislative intervention to protect technological measures may be indicated at some time in the future, and we suggest that it never will be because the essential issues have not changed in almost 450 years, such intervention is not appropriate now, precisely because of "the rapid evolution of technology and the limited information currently available regarding the impact of technological measures".

Q: 2. Technological devices can be used for both copyrighted and non-copyrighted material. Given this, what factors should be considered determinative in deciding whether circumvention and/or related activities (such as the manufacture or distribution of circumvention devices) ought to be dealt with in the context of the Copyright Act, as opposed to other legislation?

A: Any act with an expressive component, regardless of its possible "functional nature", must be evaluated with the freedom of expression guarantee of the Canadian Charter of Rights and Freedoms uppermost in mind. This especially includes the publication of computer software for circumvention of technological measures, since such publication is so often done for important expressive purposes of research or political comment. Recall that copyright in its modern form exists to encourage, not to restrict, free expression, as mentioned for instance in the Copyright Clause of the U.S. Constitution which puts forward intellectual property protection "[t]o promote the progress of science and useful arts" and in the title of the Statute of Queen Anne, which begins "An Act for the Encouragement of Learning". Copyright ought never to stand in the way of scientific research. "New media" copyright extensions have stood in the way of scientific research in the cp4break, Sklyarov, DeCSS, and SDMI Challenge cases (and no doubt others as well).

Q: 3. If the government were to adopt provisions relating to technological measures, in which respects should such provisions be subject to exceptions or other limitations?

A: The right to circumvent technological measures should not be subject to exceptions or other limitations. Anyone who circumvents technological measures in order to commit an illegal act can be prosecuted for the illegal act already. A law against circumvention per se would be unnecessary and harmful to the Government's and the public's interests, even if designed to target only circumvention for illegal purposes..

Q: 4. Are there non-copyright issues, e.g. privacy, that need to be taken into account when addressing technological measures?

A: Yes. Technological measures may well implicate privacy issues. For instance, the DIVX system, an early competitor to DVD, allowed consumers to physically possess discs of recorded motion pictures without actually having the privilege of viewing them. When a customer wanted to watch a movie, they would put the disc in a special player that contacted a central computer to lease the privilege of watching the disc, for a limited time. As a result, the central computer collected a database not only on discs held by each user, (we do not use the word "owned" because the customers were forbidden to exercise anything like ownership rights towards the discs), but also the complete history of when each disc was viewed. That kind of database would certainly be valuable to marketers, and would certainly be something that privacy-conscious consumers would be uncomfortable about.

Technological measures also implicate accessibility for the disabled. Most proposals for technologically-protected digital content delivery require the use of a proprietary "client" hardware device or software program implementing the access controls. It may be difficult or impossible for a disabled person to use the proprietary client. For instance, a book in electronic form and subject to "technological measures" may not allow the text to be copied into a voice synthesis system so that it can be read aloud to a blind person. That is not a hypothetical situation; the Adobe eBook system at issue in the Sklyarov case had exactly such a restriction, and one function of the jailed student's software was to bypass the restriction and allow access to eBook files by voice synthesis software.

If technological measures can be circumvented legally then there is some hope that a third party may create a special client for use by disabled users; alternatively, a generic circumvention program (like that described in the Sklyarov case) might allow the content to be translated into an unprotected form compatible with accessible clients. But if circumvention is criminalized, disabled persons may simply be unable to use the content at all. Such a restriction would be onerous enough today, but would become much worse in the future if (as some people predict) most books become routinely published electronically instead of on paper.

Even a requirement for content providers to add accessibility features to their systems, or an exemption permitting circumvention by or for disabled persons, would be insufficient. Disabled users are a small enough market, and creating good accessible systems is difficult enough, that it may be impossible for content providers to create usable accessibility features, and uneconomical for third parties to write special accessible clients for proprietary formats. The only workable solutions are to forbid technological "copyright protection" measures (supposedly the Russian approach, but a difficult proposition here to say the least) or to allow circumvention for general purposes, not just for accessibility.

Q: 1. What information should be protected under the Copyright Act? Given that information may cease to be accurate over time, should information relating to, for example, the owner of copyright and to terms and conditions of use be protected?

A: Because rights management information will often be inaccurate and there will be a strong temptation to link any rights management information into automatic enforcement (i.e. DRM) schemes, as little rights management information should be protected as possible, within the treaty requirements. Protected and inaccurate information will often cause problems: for instance, many audio CDs are now distributed with permanently recorded copy-protection signals indicating "no copies allowed" even though the copyright on the material already has expired or will eventually expire. The system currently used on CDs has no provision for indicating an expiry date even if the manufacturers wanted to record one, and a privilege holder attempting to correctly record such a date for the work of a living author would be faced with the distasteful task of trying to predict the author's death.

Someone wishing to make use of public domain material might well have to alter such rights-management signals in order to make legal use of the material; it should not be an offense to make the alteration. Note that devices for controlling exactly these signals, called "SCCM black boxes", are commonly available to audio professionals in Canada, perfectly legal at present, and their existence has not created the kind of horrific piracy problem that privilege holders claim to fear. We must bear in mind, too, that the Constitutionally protected right of freedom of expression must take precedence even over treaty requirements, no matter how strongly worded. The Constitution is the highest law of this land.

Q: 2. Certain terms and conditions may not be legally valid in Canada if they are contrary to public policy. In light of this, what limitations should there be on the protection of such information? Is a provision required that specifies that the protection of such information does not imply its legal validity in Canada?

A: Terms and conditions that are not legally valid in Canada should certainly not be legally protected in Canada. Our laws do not exist to cover for the mistakes made by other jurisdictions.

Q: 3. Given the fact that some technologies serve a dual purpose, i.e., reflect rights management information and protect a work against infringement, how should provisions concerning rights management information take into account provisions regarding technological measures?

A: Since protection of technologies that guard against "infringement" would normally be turned into protection of privilege holders' short-term economic interests against legal and worthwhile fair dealing, any protection of rights management information must be clearly and narrowly limited to exclude affording any protection to DRM technologies. As described in the previous subsection, protection of DRM is inappropriate.

Q: 4. If the Act were amended to protect rights management information, does the fact that some technologies may be used both to set out rights management information and protect a work against infringement mean that duplicate or overlapping sanctions could result in some cases?

A: Yes, of course. Consider the Sklyarov case below, to name just one example: the software under dispute could be described as "circumventing" the DRM (to allow books to be read by other software, for instance by voice synthesis software used by blind people), or as tampering with the "rights management information" (namely, the information recording limits like "reading this document aloud is forbidden"). The two concepts, of DRM and of "rights management information", are so close together as to render a distinction between them almost useless.

Q: 5. Are there non-copyright issues, e.g. privacy, that need to be taken into account when addressing rights management information?

A: All the issues mentioned in the previous subsection apply here also, but there are further problems with rights management information. For instance, creators have privacy rights too, and a system designed to "protect" their copyright privileges could easily expose private information without the creator's knowledge or consent. Consider, for instance, the uproar that occurred in 1999 when it was discovered that the ubiquitous Microsoft Office software places a hidden code identifying the author in every document it creates. Any Office document can be traced back to the individual, or at least the installation of Office, that created it. Many people were upset and the case attracted some media attention, but notably, nothing was done about it. The Microsoft corporation was not punished, they issued some "feel-good" press releases but the software was not changed, and to this day, hidden identification codes are embedded in Office documents. It is easy to imagine that such codes could be billed as "rights management information", since they identify the author and presumably copyright holder of a document, but their secret nature makes them a privacy threat. Note, too, that the facts about the document format were only discovered when people examined the format with "hacker tools" like (http://www.tuxedo.org/~esr/jargon/jargon.html#grep) Unix grep(1), an act that could easily have been called "circumvention".

Some of the problems with rights management information could be alleviated by requiring that all such information be visible to ordinary consumers through the same systems normally used to view, play, or otherwise consume the content; but such a requirement would not solve enough problems to make legal protection of rights management information a good idea.

Q: 1. Do the current provisions of the Copyright Act already adequately address ISP concerns?

A: No. Consider for instance the plight of Islandnet in the cp4break case. Although the allegedly infringing material was not even posted in Canada, Islandnet was named as a defendant in the lawsuit just because one of the co-authors of the document had his personal home page (which did not contain the allegedly illegal document) on their server. It would be far preferable for copyright law to make clear that all responsibility for publishing is held by whoever actually publishes a document; mere providers of general networking services, like ISPs, are not responsible for their clients' actions.

Q: 2. Some ISPs and privilege holders have entered into agreements for dealing with infringing material. In what respects is this approach sufficient or insufficient?

A: This approach is insufficient because ISPs and privilege holders are both driven by economic profit motives instead of by fairness. Corporations are not bound (as the Government is) to respect due process and freedom of expression. They may well form agreements that are good business but not good law. For instance, in the cp4break case Islandnet could easily have agreed to punish this author, outside the law, by taking down his Web site critical of the plaintiffs, in exchange for being relieved of the bother of defending itself in court. (Fortunately, Islandnet did not agree to such an arrangement.) Agreements for copyright enforcement outside the law are especially worrying in this era of corporate acquisition, when the ISPs and privilege holders may be, or be owned by, the same or closely related entities. For instance, the major U.S. Internet service provider, AOL, is owned by a corporation that also owns large blocs of copyright privileges; the collective entity is in fact named "AOL-Time-Warner.

Q: 3. What other intermediary functions that have not been discussed in this section, but that are nonetheless being carried out by ISPs, ought to be considered when developing a policy regarding ISP liability?

A: The section in the Consultation Paper is well-worded and covers almost all significant functions of ISPs. One additional function that might be considered, however, is that of linking. This is a function not only of ISPs but of everyone who publishes electronically. Anyone who posts a document on the World Wide Web (or on some similar systems) can include the addresses of other documents posted by other people; those addresses become "links", allowing a reader to easily "follow" the links (usually by clicking the mouse pointer on highlighted sections of text) and view the referenced documents. This very paragraph contains such a link in the first sentence, to the Government's Consultation Paper, and this submission contains many more; such links are the lifeblood of the Web.

If someone posts a document containing a link to illegal material posted by someone else, are they participating in the publication of that material? We argue not: it is no different from a newspaper reporting the address of a building in which illegal activities occurred. In the DeCSS case, a U.S. court ruled that a magazine which published links to allegedly infringing material was guilty of participating in the publication of that material. We suggest that that is bad policy, in just the same way that it would be bad policy to prosecute a newspaper for publishing the address where a crime was committed. Linking only reports the name and location of documents; it does not constitute publishing those documents or create any kind of participation relationship between the publisher of the link and the publisher of the documents.

What if someone posts a link to a document that is itself posted legally, but the link is posted without the permission of the privilege holder? This question has sometimes been examined (almost always in the U.S.A.) when the publisher of a large Web site has objected to the publication of "deep links", links which point at individual documents within the Web site instead of at the main "home" page. This issue was part of a larger dispute, for instance, in a lawsuit involving the Ticketmaster Web site. The claim has been made that copyright on a Web site includes the privilege of saying who may link to each document on the site. We suggest that that, also, is bad policy. The author of a book has no right or privilege to say who may write a review of the book, and include the title and publisher's name so that readers may find a copy of the book. The author cannot say, "Referencing this book is allowed, but scholars may only reference the Introduction, not subsequent chapters." Publishers of Web documents should not have the privilege of limiting who can refer to those documents, or how; that would be utterly contrary to the purpose of publication.

In summary, then, we recommend that no liability should accrue to publishers of links: linking to illegal material should not itself be illegal, and linking without the permission of the publisher of the linked-to document should not be considered an infringement of copyright privileges. Linking to a document consists exactly of citing the name and location of the document in an especially convenient form; that is not an activity that ought to be regulated under copyright law.

Q: 4. To the extent that a notice and take-down system is being contemplated, how would such a system affect the framework in Canada for the collective management of copyright? What alternative proposals should be considered? Under what conditions would a compulsory licensing system be appropriate?

A: Notice and take-down effectively transfers the power of the courts, in granting temporary restraining orders, from the hands of judges to those of plaintiffs. That is not a clever reform. Internet service providers are seldom in a strong position to carefully evaluate the validity of take-down requests, especially if by failing to honour a valid request they could open themselves to criminal prosecution; instead of attempting to make a fair judgment (which they could not do correctly anyway, and should not attempt: judgments are the function of judges), the ISP will attempt to err on the side of caution, simply honour all take-down requests, and hope to stay out of the fray.

That state of affairs gives privilege holders, usually large corporations, yet another advantage in the already unequal contest between them and alleged infringers. As seen in cases like cp4break, notice and take-down regimes will most certainly be used to promote other goals besides legitimate protection of copyright privileges. We note that Scandinavia Online AB complied with a take-down request from Microsystems Software Inc., even though the request was of questionable legality even in the U.S.A., demanded removal of material whose publication was protected by Swedish law, and was delivered by unauthenticated email. Scandinavia Online apparently made no effort to verify that the take-down request was genuine, and no apology or restitution to Eddy Jansson for the loss of his legally-posted research results nor the numerous completely unrelated documents they also destroyed.

Privilege holders might argue that electronic copyright infringement is unique because of the speed of network communications; in the time it would take to obtain a bona fide temporary restraining order from a court, many thousands of infringing copies could be made, rendering judicial relief impossible. As a result, they demand a faster procedure for addressing alleged infringements immediately, eliminating such annoying formalities as due process.

Indeed, something like that argument was made in the cp4break case, where the plaintiffs demanded, and got, the privilege unprecedented in U.S. law of serving court documents by email, with no authentication or security measures taken. As a plaintiffs' press release claimed, "Judge Harrington gave the company permission to serve notice of the immediate injunction via email to the defendants and 'their agents.' The company was serving the electronic notices immediately." They claimed that email service was necessary because traditional hand delivery of court documents would take too much time to be useful; an interesting idea, but not one that justifies discarding the traditional legal procedure of having a sworn process server deliver the documents by hand.

Insecure email is not even remotely comparable to legal document service, and the claim that time is of essence in copyright infringement cases does not excuse discarding the guarantees associated with traditional service. The law already addresses the concerns of plaintiffs in any suit who may be further damaged while the case goes to trial: such plaintiffs can seek a temporary restraining order. It is not necessary to re-invent that system especially for copyright infringement cases. If plaintiffs are concerned about ongoing harm before the case is settled, our words for them are "Tell it to the judge!"

Some of the problems of notice and take-down could be mitigated by penalties for ISPs who take sites down for alleged copyright infringement on no or invalid take-down orders, and a requirement that plaintiffs issuing a take-down order post a bond to cover the defendants' legal fees and damages to the defendants and ISP as a result of the take-down, in case the material under dispute should not be proven infringing. We also note that take-down orders would as a matter of course have to be served as any other legal documents, and not through the extremely fallible email system which provides no protection whatsoever against tampering with messages, no verification of delivery, and no proof of the identity of the sender. But even with those concerns addressed, the mere thought of giving plaintiffs the power to effectively issue temporary restraining orders all on their own authority, in online copyright or any other disputes, ought to be repugnant to elementary principles of law.

The appropriate way to address ISP liability concerns is to simply rule that ISPs are not liable. It is not necessary to provide a notice and take-down regime, a licensing regime, or some other regime forcing ISPs to do something to avoid liability. The need for action by ISPs should work in the opposite direction: service providers should not be liable for their clients' actions unless they do something to become liable, for instance by contributing illegal content to an illegal posting.

Q: 5. To the extent that issues surrounding the scope and application of the reproduction privilege are being examined in relation to Internet-based communications, are there reasons why this examination should be restricted to the question of ISP liability?

A: Possibly. There is no doubt that the technology is immature, making the Departments' desire for a technology-neutral solution a wise one. We could suggest that issues like the copyright status of peer-to-peer file sharing systems, for instance, should not be addressed in law until their effects on the marketplace have been tested for a few years. That could argue for a "wait and see" approach: solve the ISP liability problem now, because it is causing problems already, and wait before deciding on any other reforms. But technology will in some sense always be new; that is the nature of technology. And since the fundamental issues of copyright and freedom of expression have not changed since Bloody Mary, almost 450 years ago, there is no reason to expect that the issues will suddenly change if we wait a little longer.

In this section we provide, as background material, some case studies in copyright overextension. All these cases are set against a backdrop of U.S. copyright law, although some also involve other nations including Canada. Our purpose in describing these cases is not to provide exhaustive commentary on any of them but merely to illustrate some of the things that can go wrong when copyright is updated overzealously in an attempt to accommodate new technologies. Please remember that these cases are only a partial sampling of the ongoing U.S. copyright nightmare; there are many worrisome cases not mentioned in this submission.

Our first case is of special interest because it involved this author, Matthew Skala, directly. The story also involves "parental control" software, sometimes called "censorware": software that can be installed on a computer to limit the Internet access of users of that computer. For instance, an employer might install such software on business computers to prevent employees from viewing non-work-related Web sites. Such software is often billed as a means of "protecting" children from "pornography", but its actual function is often far broader: it is intended to filter out many other kinds of material as well.

Filtering software generally involves a list of forbidden Web sites; that list is a closely guarded secret, and even the person installing the software is not permitted to find out exactly which Web sites are being blocked. As has been shown many times in investigations conducted by Peacefire and various independent researchers, there is a strong temptation for vendors of censorware to use their products to promote political agendas, punish their enemies, and block negative reviews of their products. In short, this software represents a supreme technological realization of a policy Bloody Mary would doubtless have applauded: the suppression of ideas distasteful to whoever writes the blacklist.

Needless to say, the use of such software is a subject for extensive political debate; especially in the U.S.A., where Federal laws like the (http://www.ala.org/cipa/) Children's Internet Protection Act mandate the use of censorware in public institutions such as libraries. Is it appropriate for a privately-owned corporation to make a secret list of what Internet materials shall and shall not be readable in a public library? That question is obviously of interest, and democracy demands an open discussion of possible answers to it.

In early 2000, Eddy Jansson (working in Eskilstuna, Sweden), and Matthew Skala (this author, working in Victoria, B.C.), collaborated in writing a review of a censorware package called Cyber Patrol; at the time, the copyright privileges for Cyber Patrol were held by a U.S. corporation. Jansson and Skala examined the program from a scientific perspective. Their backgrounds are in computer programming and mathematics. In particular, they applied the techniques of what is called "reverse engineering", to essentially take the software apart and see how it worked, and "cryptanalysis" (mathematical code-breaking) to decode the secret blacklist.

In so doing, they discovered several major design and security flaws in Cyber Patrol; it was far below normal industry standards of software quality, despite being significantly advanced over other similar products. (Quality of censorware in general is, almost universally, abysmally poor.) They also discovered some evidence of political and other bias in the blocking list: for instance, a wide range of sites opposing nuclear war (including, for instance, portions of the City of Hiroshima Web site) were blocked and labelled "militant or extremist", Web sites promoting atheism were blocked as "Cult/Satanic", and so on. There were also inexplicable blocks, for instance of a (http://www.cet.com/~bangs/) publisher of classical sheet music. Note: that link was dead when tested on August 24, 2001; the documents may also be found by doing a Google search and clicking on the "Cached" links.

Jansson and Skala wrote a lengthy essay describing the procedure used for analysing Cyber Patrol and what was found. They also wrote some software of their own illustrating the cryptographic techniques, including a program called "cphack" which could decode all the secret files in a Cyber Patrol installation, displaying for the user the list of blocked Web sites. They posted the review, including their own original software, on Jansson's Web site in Sweden, in a package they called "cp4break". The essay was warmly welcomed by its intended audience of researchers and programmers. For instance, Dr. Peter D. Junger of Case Western Reserve University Law School (the same Dr. Junger of the Junger v. Daley code-as-speech case mentioned earlier) said in a mailing list message:

But, anyway, I wanted to point out that this is seriously useful educational stuff; it's not just a cute hack, although I am sure that it is that too. The programmers explain how they went about opening up the filter program, using intuition, a disassembler, and a lot of skill and knowledge.

When Jansson's and Skala's findings were published, the vendors of Cyber Patrol, namely Microsystems Software Inc. and Mattel Inc., both U.S. corporations, immediately sued both men and their respective ISPs, Islandnet (in Victoria) and Scandinavia Online (in Sweden). Scandinavia Online deleted Jansson's entire Web site from its servers, apparently in response to an emailed copy of the court filings; Islandnet asked Skala to remove a link to Jansson's Web site, but took no further action. The lawsuit was filed in U.S. Federal court in Boston, Massachusetts, the plaintiffs claiming that that court had jurisdiction because although the review was posted in Sweden, one of the many Web sites on which the review was announced was located in Massachusetts. The lawsuit claimed six things:

Copyright Infringement against Jansson and Skala: on the basis that the review, despite being original work, was somehow derived from Cyber Patrol (for which the plaintiffs held the privileges) or else that in order to write the review the defendants must have copied Cyber Patrol illegally.

Copyright Infringement against the ISPs: for their participation in Jansson's and Skala's activities.

Breach of Licensing Agreement: on the basis that in order to have gotten a copy of Cyber Patrol in the first place, Jansson and Skala might have agreed to a license agreement forbidding reverse engineering.

Interference with Advantageous Business Relations: by publicizing the substandard design and insecurity of Cyber Patrol, the defendants had made it more difficult to sell copies of the package.

Conversion: that in writing their review, Jansson and Skala had converted Cyber Patrol.

Theft of Trade Secrets: that by examining the software, the reviewers had discovered, and stolen, secrets about its operation.

This case, of course, raises many interesting legal questions which we do not have space to discuss fully here. First, it is worth nothing that this action was brought under conventional copyright law - not under the Digital Millennium Copyright Act, although the DMCA was brought up in subsequent filings. Next, the choice of venue is of interest. For reverse engineering that occurred in Canada and Sweden, and was published in Sweden, why sue in a U.S. court? The jurisdiction question is doubly interesting because the judge in Boston did rule that he had jurisdiction, and the case proceeded there despite the fact that none of the defendants was represented.

The list of claims is interesting as well. The first claim, probably the most significant one, alleges that even though the Jansson/Skala posting contained only tiny quotes from Cyber Patrol, in the context of a lengthy and completely original discussion, it should nonetheless count as copyright infringement, apparently because Jansson and Skala read Cyber Patrol before writing their review. Note our use of the word "read" to describe the activity of comprehending the software: as discussed earlier, software is a form of written language that can be read by an appropriately-trained person in the same way that a book can be read.

The other side of the first claim, that Jansson and Skala must necessarily have copied Cyber Patrol illegally in order to conduct their analysis, is interesting too because it places the privilege of restricting copying ahead of fair dealing, and touches on the difficult task of defining "copying" in the computer realm. As noted in the Consultation Paper on Digital Copyright Issues, transmission of electronic documents and other computing activities including the reverse engineering at issue here often necessitate creation of transient copies of information; it is not clear that such transient copies should count as reproduction for the purposes of the copyright reproduction privilege, but that was the theory put forward in the court case. In Canada, writing a review often falls under the "fair dealing" exemptions to copyright law; whether this is a difference between U.S. and Canadian law, or merely a spurious claim even under U.S. law, is unclear.

The second claim, that Scandinavia Online was liable for the alleged infringement merely for hosting Jansson's Web site containing the allegedly infringing material, and that Islandnet was liable merely for hosting Skala's Web site which did not even contain the allegedly infringing material at all but contained a link to Jansson's site, directly implicates the issues of ISP liability and the status of links, described in the Q&A section above.

The "Breach of Licensing Agreement" claim implicates the whole issue of the validity of click-through license contracts, about which we could write another submission the size of this one, and may well be forced to when click-through contracts become a subject for consideration in Parliament. Since this is not one of the copyright issues currently on the table, however, we shall not visit it here except to mention that the license agreement in question was limited to ban reverse engineering "except to the extent that this restriction is prohibited by applicable law", and that such restrictions are indeed traditionally prohibited by law (i.e. reverse engineering is always allowed) in many jurisdictions including Sweden.

The remaining three claims can be lumped together: they visit the questions of whether reviewers cause actionable damages by publishing a negative review of a product, and whether vendors of a product can use copyright law to suppress unfavourable reviews. We think not.

The later history of this case is lengthy and complicated. The two sides negotiated towards an out-of-court settlement. During the negotiations, the plaintiffs also filed suit in British Columbia Supreme Court. A settlement was reached in which the defendants agreed to stop distributing the essay and software; largely because Jansson and Skala, an unemployed person and a graduate student respectively, had no resources for an extended court battle in a foreign country against a multi-billion-dollar corporation. Skala's copyright privileges to the essay and software were purchased by the plaintiffs for a dollar, and Jansson's were apparently turned over to the plaintiffs free of charge. The Boston court issued a permanent injunction backing the settlement agreement.

But in the mean time, many other Web sites had posted copies of the material (indeed, the documents remain widely available on the Web to this day), and it was not clear whether the out-of-court settlement could apply to anyone but the defendants. Three "mirror" sites in the U.S., which had posted the review under its original very permissive distribution terms, attempted to appeal the Boston court's injunction supporting the out-of-court settlement, claiming that because they had not agreed to the settlement, they still had a right to be heard as to their right to publish the review, even though the original defendants had withdrawn. The request for appeal was denied, leaving the legal status of mirror sites unclear.

Meanwhile, the anti-circumvention provisions of the Digital Millennium Copyright Act, which at that time had their enforcement suspended pending review, were under review by the U.S. Register of Copyrights, a branch of the Library of Congress. The Register of Copyrights conducted a public comment process much like the present Canadian copyright reform public comment process. And on October 27, 2000, the Library issued a final rulemaking setting out what classes of works were to be exempt from the anti-circumvention provisions until October 28, 2003. Those classes of works, the works for which circumvention is permitted under the DMCA, quoted from the final rulemaking, are:

(1) Compilations consisting of lists of websites blocked by filtering software applications; and

(2) Literary works, including computer programs and databases, protected by access control mechanisms that fail to permit access because of malfunction, damage or obsoleteness.

There is some reason to believe that the decision to include point (1) above was influenced by the writings of this author on the cp4break case, which case was cited in the final rulemaking. We are of course pleased that circumvention of censorware could be considered so important as to be one of only two things that rated inclusion on the list, when so many other worthwhile kinds of circumvention were excluded. We agree that this is an important issue. But we suggest that the list should have been much longer; or alternatively much shorter, consisting of the single item "(1) All works."

After having their appeal rejected for lack of standing, and the Register of Copyrights exemption rulemaking which could be seen as giving a green light to critical review of censorware (note, though, that the original case was not brought under the DMCA but under ordinary copyright), the three mirror sites who had appealed decided to go ahead and republish their copies of the suppressed documents, which they had withdrawn during the court battle. By that time, the Cyber Patrol product and privileges had been sold to a U.K.-based company, Surfcontrol, who showed no signs of eagerness to prosecute mirrors.

Subsequent to this publication of the review by Jansson and Skala, several more flaws in Cyber Patrol were found and published, An activist project called Operation Bait and Switch proved by experiment that Cyber Patrol would give large organizations preferential treatment when evaluating Web pages for "hate speech", apparently because of a fear of libel lawsuits from Web sites unfairly labelled as hateful. The "enterprise" version of Cyber Patrol, intended for installation on a corporate firewall, was found to open the client's network to attack, by virtue of a design flaw called a "buffer overflow". The America Online "youth filters", based on a licensed version of Cyber Patrol, were found to block some national political parties but not others, prompting the headline "AOL protects kids from Liberals". Another reviewer, also reverse engineering Cyber Patrol, revealed that it used dramatically substandard security measures when dealing with the user's personal information including credit card number.

Much more detail about this case, including links to stories about it from CBC Television, Macleans magazine, and so on, is available from this author's (http://ansuz.sooke.bc.ca/cpbfaq.html") Cyber Patrol Break FAQ (Frequently Asked Questions) Web posting. Here are some points about this case of particular interest for the present submission:

The reviewers had to circumvent the product's access control technologies in order to write their review.

Although the work was done in Canada and Sweden and published in Sweden, where it was legal, U.S. copyright law nonetheless became significant.

The action was brought in Boston under ordinary copyright law, not the DMCA (whose anti-circumvention provisions were at the time not being enforced).

The defendants were forced to concede the out-of-court settlement, despite having had arguably a strong case even under U.S. law, because of the overwhelming difference in resources between individuals and a large corporation.

Although the settlement affected the defendants, it had no real effect in stopping distribution of the allegedly infringing material. Indeed, mirror sites distributed it all the more eagerly for knowing that it was legally sensitive.

The Library of Congress added an item to its exemption list, in effect changing the law, apparently just because of this case and the uproar it caused.

The next case we consider also involves a corporate attack on student research, but this time carried to the much more unpleasant level of actual criminal charges. Dmitry Sklyarov is a Russian citizen, and a PhD student (much like this author) at Moscow State Technical University. His thesis research involves digital rights management technologies.

In particular, Sklyarov examined the security of the "Adobe eBook" system, which allows publishers to distribute books in an electronic format, and attempts to enforce limitations on use of the books. By limiting use, the system hopes to have the effect of limiting copying. The system does not and cannot directly prevent electronic books from being copied, but it attempts to control use in other ways, for instance by keying a book to an individual computer, making a copy harder to use, regardless of whether the copy was made illegally or for "fair dealing" purposes.

The eBook system also includes other use-limiting features, for instance one designed to prevent users from applying text-to-speech "read aloud" software. That feature would appear to harm the accessibility of electronic books to visually disabled persons, and might indeed fall into the category of "terms and conditions . . . not . . . legally valid in Canada" described in our discussion of rights management information above. As the Adobe corporation has been quick to point out, this anti-accessibility feature is under the control of the book publishers, so some books may still be accessible, but that fact is of little comfort to a visually impaired person who might want to read a book for which the publisher chose to activate the feature.

Dmitry Sklyarov's work on the security of the Adobe eBook system revealed serious design flaws in that system, just as the work of Jansson and Skala revealed serious design flaws in Cyber Patrol, and the work of Felten et al. revealed serious design flaws in SDMI. Sklyarov's employer, a Russian corporation called Elcomsoft, began selling, in Russia, a product they called Advanced eBook Processor (AEBPR), which exploited some of the flaws in the eBook system in order to allow users of electronic books to exercise their fair dealing rights towards their legally-purchased books. For instance, with AEBPR, visually impaired users could have their computers read books aloud to them; and critics could cut-and-paste quotes from books for use in reviews. The Advanced eBook Processor software was certainly legal in Russia; in fact, the original Adobe eBook system without AEBPR was arguably illegal in Russia, because its DRM features infringed upon the legislatively protected fair dealing rights of book users.

The case captured public attention when Dmitry Sklyarov travelled to the U.S.A. to give a presentation on his thesis research at a computing conference in Las Vegas; just as, earlier in the year, this author gave a presentation about his own thesis research in Baton Rouge. Giving conference presentations about one's work is a normal part of the process of attaining a graduate degree. Because so many computing conferences are in the U.S.A., it is quite common for graduate students from Russia, Canada, and everywhere else to travel to the U.S.A. as part of their education. After giving his presentation, Dmitry Sklyarov was arrested by the Federal Bureau of Investigation, responding to a complaint from Adobe Corporation, and imprisoned for approximately three weeks without bail. Sklyarov was later released on US$50,000 bail into the custody of a Russian-American software developer with some connections to Elcomsoft.

The complaint from Adobe claimed Elcomsoft's sales of the Advanced eBook Processor software constituted "trafficking in a circumvention device" for the purposes of the Digital Millennium Copyright Act, and were therefore illegal under that Act. Why Dmitry Sklyarov should be arrested personally, instead of the charges being pursued against Elcomsoft, was not clear. Sklyarov was arguably a co-author of AEBPR but certainly not involved in its sales. It appears that the FBI at one time believed that Dmitry Sklyarov was the holder of the copyright privileges to AEBPR, but that does not appear to be the case currently. It may also be that since he was present in the U.S.A. for academic reasons, and because his research detailing the flaws in the eBook system was surely embarrassing to Adobe, he made an attractive and convenient target. Some of these issues are discussed in an Electronic Frontier Foundation (http://www.eff.org/IP/DMCA/US_v_Sklyarov/us_v_sklyarov_faq.html#WhyArrested) FAQ entry.

Sklyarov's arrest sparked protests in cities across the U.S.A. and worldwide. The Adobe corporation, realizing how serious a public relations problem they had created with their complaint, agreed to hold a meeting with with representatives from the Electronic Frontier Foundation on July 23, 2001. After that meeting, the two groups issued a (http://www.eff.org/IP/DMCA/US_v_Sklyarov/20010723_eff_adobe_sklyarov_pr.html) joint press release in which Adobe withdrew its support for the criminal charges, claiming that "the prosecution of this individual in this particular case is not conducive to the best interests of any of the parties involved or the industry."

That claim seems suspect, however, given that Adobe initiated the charges themselves, asking the FBI to arrest Sklyarov; surely they could have expected his imprisonment and prosecution as a result of their complaint. Adobe's withdrawal of support for the charges does not stop the case now that it is being pursued by the United States, and in (http://www.eff.org/IP/DMCA/US_v_Sklyarov/20010727_eff_sklyarov_pr.html) a July 27 meeting, the U.S. Attorney-General's Office showed no intention of stopping the proceedings. So although Adobe may improve their public image by "back-pedalling" from the charges, they still achieve their goal of suppressing criticism: Sklyarov continues to face serious criminal penalties for his research.

This case is proceeding rapidly and as of this writing, in mid-August 2001, it is impossible to predict the eventual resolution. The next major milestone will be a pre-trial hearing on August 23. Protests continue, and statements of support are pouring in from the academic, computing, and legal communities. Current information may be obtained from the (http://www.eff.org/IP/DMCA/US_v_Sklyarov/us_v_sklyarov_faq.html) Frequently Asked Questions file maintained in the Electronic Frontier Foundation's (http://www.eff.org/IP/DMCA/US_v_Sklyarov/) archive on the case. A brief personal view of the case can be found in this author's article The New Professional Criminals, printed in the newsletter of the Greater Victoria Personal Computer Users' Association. For the purposes of the present submission, we wish to emphasize the following points:

The AEBPR software had many lawful uses - for instance, enabling visually impaired users to have their books read aloud.

AEBPR worked against "technological protection measures" in the eBook system with significant arguably unlawful uses - for instance, protection of "eBooks" against critics who might write unfavorable reviews.

Sklyarov's research, and his trip to the U.S.A., were in the context of his Doctoral thesis project.

Notwithstanding that the AEBPR product was sold by the Elcomsoft corporation, the case was pursued against Sklyarov personally, apparently because his presence in the U.S.A. and relatively poor financial circumstances, as a student with a family to support, made him a convenient target.

The circumvention of Adobe's "digital rights management" technology occurred in Russia, where such circumvention is perfectly legal.

The sale of the "circumvention device" (namely, the AEBPR software) also occurred in Russia, albeit through a U.S. credit card processor.

Nonetheless, Adobe and the U.S. Attorney-General's office are claiming that U.S. law in this matter should take precedence over Russian law.

The case has resulted in significant public outcry and a "brain drain" away from the U.S.A., as foreign researchers fear sharing Sklyarov's fate should they attend U.S. conferences.

The next case concerns one of the biggest of the "copyright industries": the motion picture industry. This case revolves around Digital Versatile Discs (DVDs), which are billed as the next generation in recorded movie technology, a new and much improved system to replace the currently popular analog video cassette schemes (for instance, VHS). Also implicated are Digital Rights Management (DRM) issues, national sovereignty, and the liability of network intermediaries, especially for linking (as described in our Q&A subsection on that topic).

We begin with some background. DVDs are plastic discs physically resembling current audio and computer CDs. The only critical difference is that DVDs can store a great deal more digital content than CDs, as a result of technological advances in the time since CDs were introduced. At present, DVDs are used primarily as a distribution medium for recorded motion pictures. When so used, the movie data is stored in an encrypted form, playable only with equipment containing certain secret "keys" distributed only under non-disclosure agreements by the an industry group called the DVD Content Control Association (DVD-CCA). Other equipment, for instance computer DVD drives, can still read and copy the movies; but they can only be actually watched on equipment containing the keys.

The encryption scheme, called the Content Scrambling System (CSS), is claimed to exist as an anti-piracy measure. However, that claim does not bear rational scrutiny since it is still perfectly possible for consumers to read the encrypted files off the discs, copy them (perhaps via the Internet), and later view the copied files. The CSS encryption does nothing to prevent copying of DVD movies. We suggest that the actual purpose of CSS is quite different: to confer upon the DVD-CCA's chosen favourites a monopoly on DVD playback systems. This suggestion appears especially plausible when we introduce an additional aspect of the DVD system: region coding.

With region coding, the world is divided into six zones called "regions". Each DVD disc and player is coded with the region in which it was sold; a player can only play discs from its own region. (There are some additional complications, including limited provisions for "moving" a player to a new region.) The stated purpose of the system is to allow studios to control the availability of motion pictures worldwide; if a movie is released in North America, for instance, but not yet viewable in European theatres, the studios want to prevent North Americans from selling recorded copies to Europeans. This system clearly is useful in protecting the privilege of the studios to control where movies can be viewed. Whether that privilege is worthy of protection, however, is another question entirely. It is certainly not one of the standard privileges in the copyright bundle. The movie studios have done business perfectly well for a long time without being able to prevent international trade in video tapes; why should they be able to prevent buyers of DVDs from viewing the DVDs overseas?

The CSS-created DVD playback monopoly is manifestly contrary to consumer interests. Quite apart from the objections that can be raised against region coding, there is at present no DVD-CCA licensed playback software for the popular Linux personal computer operating system. In the DVD-CCA's scheme of things, anyone who wanted to watch DVD movies with a PC would be forced to use the Microsoft Windows operating system. Of course, we need not remind readers of the monopoly concerns surrounding Microsoft Windows.

The popularity of DVD movies lead to an effort to make them viewable under Linux. As part of that effort, a group of volunteers created a piece of free software known as DeCSS. The DeCSS software can translate the encrypted content on a DVD into an unencrypted form viewable with other software, thus allowing users of operating systems like Linux to watch DVD movies. Again, we emphasize that DeCSS does not directly have anything to do with copying of movies; it is a viewing tool. As in the SDMI Challenge case discussed next, the debate here involves DRM technology designed to limit the use of legally purchased media, but claimed (by those who stand to gain from the technology) to be intended as a limit on copying. We also note that, just as in SDMI Challenge, the DRM technology here exists not to enforce the law but rather to enforce the privilege holder's wishes, lawful or not. Anyway, the function of DeCSS is to decrypt (arguably to "circumvent") files blockaded by CSS, thereby allowing viewing without the cooperation of the DVD-CCA.

The DVD-CCA filed lawsuits against all and sundry in response to the existence of DeCSS, vainly attempting to pour the genie back into the bottle once the software was released. They acted to protect their monopoly on DVD playback, with a speed and viciousness seldom matched in the history of corporate litigation. The network community responded by distributing copies of DeCSS far and wide, and concocting elaborate examples to test the limits of the DVD-CCA's censorship attempts. For example, it is now possible to buy T-shirts printed with copies of the DeCSS source code, and listen to recordings of people singing the source code to musical accompaniment.

Being a form of written language, software lends itself to such distribution; any form of human communication can be made to serve as a distribution channel for software. Hard to believe as this may seem, the DVD-CCA did sue the T-shirt manufacturer under the Digital Millennium Copyright Act, claiming that the T-shirts constituted a "circumvention device". As of this writing, it is practically impossible to spend any time researching intellectual property on the World Wide Web without being inundated by dozens of copies of DeCSS expressed in various creative forms. One archive of many such expressions is maintained by Dr. David Touretzky at Carnegie Mellon University. Despite such high-profile distribution of the "circumvention device", the epidemic of DVD piracy that the DVD-CCA claimed to fear has not materialised.

We shall draw attention to only two specific cases here. Others are discussed in the Electronic Frontier Foundation's (http://www.eff.org/Intellectual_property/Video/) online archives and in sites linked from there. The first case we consider is, so far as we know, also the first one filed over DeCSS: namely the criminal case in Norway against DeCSS co-author Jon Johansen. This case is described in (http://www.linuxworld.com/linuxworld/lw-2000-01/lw-01-dvd-interview.html) a LinuxWorld interview. On January 24, 2000, police from the Norwegian Department of Economic Crime (a special unit normally tasked with multi-million-dollar international fraud cases) entered the home of Johansen, then 15 years old. (He is described as 16 years old in many media reports because he turned 16 shortly after this episode.) They seized his computer equipment and cellular telephone, and took him to a local police station for several hours of questioning. His father, Per Johansen, was also questioned. Both Johansens were charged with criminal violation of the Norwegian copyright law and a general "hacking" law, in response to a complaint filed by the local representatives of the Motion Picture Association of America (MPAA). This case is ongoing in Norway; more detail is available in the (http://www.eff.org/ Intellectual_property/Video/DeCSS_prosecutions/Johansen_DeCSS_case/)EFF archive.

We highlight the Johansen case because it raises some interesting issues. First, although the case under Norwegian law was questionable at best (Norway has nothing like the DMCA), the Norwegian authorities were willing to cooperate with the MPAA's complaint to such a great extent that they sent their special unit reserved for large-scale "economic" crimes, to bring in a single 15-year-old. It looks like a situation of U.S. policy dictating enforcement practice in a foreign and supposedly sovereign country. Also, it is worth noting that Johansen was not the author of the decryption portion of DeCSS, nor the publisher of the software; he posted a link to the software on his Web site (just as the present author posted a link to cp4break on his own Web site). Treating linking as "trafficking" implicates the network intermediate liability concerns we discuss in the Q&A section. It appears that Johansen was pursued in preference to the two anonymous DeCSS co-authors simply because he was most convenient.

The other case we wish to highlight involves a magazine named 2600 (named after a now-obsolete control signal used in telephone systems). In an article about the DeCSS controversy, 2600 published a link to the software; they were sued by the movie studios on the theory that by publishing the link, the magazine was "trafficking" in a "circumvention device" for the purposes of the Digital Millennium Copyright Act. This case has become known as Universal et al. v. Reimerdes et al., and detailed court documents and other material are available via the Harvard OpenLaw site.

Here, again, the plaintiffs claimed that publication of a link, in other words the exact location and name of a document, could constitute "trafficking" in the document; as well as the also-questionable claim that a computer program, a form of expression protected by the U.S. Constitution (as well as the Canadian Constitution, of course) could constitute a "device". On the strength of those claims, and the unstated but heavily implied claim that the 2600 editors are evil "hackers" and so must be guilty of something, the plaintiffs demanded an injunction against 2600 preventing them from publishing DeCSS or any links to it. The injunction was granted, and the appeal is ongoing.

As well as its focus on the linking question, since 2600 never did actually publish DeCSS but only links to it (as did many other news outlets), this case is of interest because of the many informative amicus briefs it attracted. For instance, a brief submitted by a group of distinguished computer scientists presented arguments similar to ours above for why computer software should be treated as a form of expression and protected by the First Amendment, the U.S. equivalent of our Charter "freedom of expression" guarantee. As the brief says:

3. Copyright law already recognizes that code, both source and object, may be copyrighted as a literary work or an original work of authorship. 17 U.S.C. SS 102(a)(1). It does not take a leap of faith to say that a copyrightable literary work is a work entitled to full First Amendment protections, regardless of its functionality.

The points relating to DeCSS that we wish to highlight for the purposes of the present submission are as follows:

Although claimed to be a "digital rights management" system, CSS appears designed primarily to create and support a monopoly on DVD playback for equipment manufacturers chosen by the DVD-CCA.

CSS does not prevent copying of DVD movies, notwithstanding that that is its stated purpose.

Even if CSS did prevent copying, it would prevent copying in accordance with the privilege holder's wishes, which are not necessarily lawful. Fair dealing traditionally permits some copying directly against the privilege holder's wishes, for instance for purposes of criticism, parody, or after the copyright has expired.

The region coding aspects of CSS extend the studio's powers even further, to control not only which equipment may play back DVDs but also in which countries DVDs may be watched.

The studios' widespread and vicious attempts to prosecute everyone publishing DeCSS, links to DeCSS, discussion of DeCSS, DeCSS T-shirts, etc. had the main result of ensuring ubiquitous distribution of DeCSS.

Despite the ubiquitous distribution of DeCSS, we see no evidence of a DVD piracy epidemic.

The various DeCSS prosecutions implicate virtually all "new media" copyright issues; we especially note the "code as free expression" and "liability for linking" issues.

The arrest of Jon Johansen in Norway, apparently for violating the U.S. Digital Millennium Copyright Act (notwithstanding the pretext given for the arrest under Norwegian law), calls into question whether Norwegian sovereignty means anything in copyright matters anymore; and if Norway must bow to U.S. copyright interests, is Canada also subject to such domination?

Circumvention of computer software is probably of most interest to computer programmers, a relatively small group, and Internet-based copying of movies and video is not yet even alleged to be a huge problem, simply because the Internet is still too slow to deliver such large files conveniently. The next case concerns a medium of much more general interest: digital music. Almost everyone listens to music, and Internet-based copying of audio has certainly captured public attention in the last few years. This case is also interesting because it involves the claim that a scientific paper per se, without accompanying software or other demonstrations, can constitute a "circumvention device" and be ruled illegal.

The Secure Digital Music Initiative (SDMI) is an attempt by a coalition of corporations in the recording industry, to create and force upon consumers a framework for automatic enforcement of copyright and other privileges. The fundamental concept of SDMI is that music should never be available to consumers in usable digital form. Instead, it is stored encrypted. Only playing equipment designated as "compliant" by the SDMI Coalition is able to read the encrypted music, and such equipment is required to convert the signal to a lower-quality analogue form before making it available to the listener. There are also provisions for two designated devices (for instance, a DVD Audio player and a set of speakers) to verify that they are both members of the "SDMI club", at which point they will be able to exchange higher-quality digital data. The system includes watermarking and other "rights management information" schemes so that privilege holders can specify restrictions on what uses may be made of the audio signal.

SDMI thus attempts to create a "Chinese wall" (to borrow a financial term) between the consumer and the recorded music. Music can move freely between devices designated as "SDMI-compliant", but must be translated to a lower-quality form before it is available to other devices. The claimed purpose is to prevent illegal copying; but that claim does not completely ring true, as the system cannot prevent simple duplication of the encrypted data.

Also, even if SDMI did prevent unauthorized copying (which it does not), it would prevent all copying without the privilege holder's permission, regardless of purpose, and as we have described, not all copying without permission is illegal. Copyright law as it stands today often permits copying for fair dealing purposes, even directly against the wishes of the privilege holders. For instance, copying is allowed for purposes of criticism or parody, or after the copyright expires, and those are situations where the privilege holder or former privilege holder might well want to prevent copying. We wish to emphasize that SDMI does not enforce the law: SDMI enforces the privilege holder's wishes, whether those are legal or not. The same could be said of most if not all DRM technology.

One could also raise questions of economic manipulation. To create SDMI-compliant audio equipment, manufacturers must obtain a license for the technology from the SDMI Coalition. Those licenses cost a lot of money, certainly enough to effectively preclude amateur construction of audio players for free operating systems like Linux; and the SDMI Coalition may impose arbitrary contractual conditions on the licensees, or deny licenses to some licensees outright. If the Coalition were successful in its goal of having all music released only in SDMI-compliant form, its members would then have monopoly control on music playback equipment. That situation would not appear to be in the consumer's interest.

Such issues were raised loudly by consumer advocates when the SDMI project was announced, much public debate followed, and so there was considerable interest when the members of the Coalition (http://www.sdmi.org/pr/OL_Sept_6_2000.htm) announced a contest called the "Hack SDMI Challenge" in September 2000. The contest invited the Internet community to test the security of several technologies proposed for use in SDMI, primarily "watermarking" schemes for embedding restriction information in audio signals. The contest organizers provided several example files containing audio with and without watermarks, and an "oracle" for verifying successful removal of the watermark signals.

Participation in the contest was controlled by a "Click-Through Agreement" specifying that the example files were only to be used for the purposes of research on the watermarking scheme. Please note that we question the entire validity of click-through agreements, which purport to create contractual obligations without a signature, but that is a topic beyond the scope of this submission. For the purposes of this case study, let us accept as a legal fiction that the SDMI Challenge click-through agreement was legally binding. The contest also specified that in case researchers should successfully defeat the DRM technologies, the prize money would only be awarded on acceptance of a second agreement binding the researchers not to publish their results.

There was considerable support in the security community for (http://noframes.linuxjournal.com/articles/misc/0022.html) a boycott of the SDMI Challenge, on the theory that SDMI was a bad initiative, contrary to consumer interests, and that it was inappropriate for socially responsible security professionals to help the SDMI Coalition in its efforts to gain monopoly control on music playback. This author refrained from participating for precisely that reason. Also, it was suggested that the stated prizes (the largest of which was US$10,000) were nowhere near enough to pay for the value of such security work, especially given that a reviewer could invest considerable time in the analysis without any assurance of being paid prize money at all. Nonetheless, some researchers did take up the challenge, including a group headed by Dr. Edward Felten of Princeton University. Prior to this work, Dr. Felten was perhaps best known for his role as an expert witness in the antitrust case against Microsoft Corporation.

The work of Felten et al. was successful; they were able, with surprisingly little work, to defeat all the technologies in the SDMI Challenge, except possibly for two technologies where flaws in the contest design made it impossible to verify success. Subsequent events are well chronicled on the research group's Web site and in the Electronic Frontier Foundation's archive of documents relating to this case.

The researchers decided to forgo the second phase of the SDMI Challenge, which would have required them to secretly hand over their results to the SDMI Coalition in exchange for prize money. Instead, they wrote a scientific paper, titled Reading Between the Lines: Lessons from the SDMI Challenge. The paper was submitted to the Fourth International Information Hiding Workshop, which was to be held in Pittsburgh, U.S.A., April 25-27, 2001, where it was accepted through the normal scientific peer-review process. Related work also went into other documents, for instance the Doctoral thesis of Min Wu.

The SDMI Coalition responded with a series of threats against the researchers should they publish their results, culminating in an April 9, 2001 letter to "Edward Felton" [sic] in which Matthew J. Oppenheim, Senior Vice President, Business and Legal Affairs, of the Recording Industry Association of America, claimed that "any disclosure of information that would allow the defeat of [the SDMI Challenge] technologies would violate both the spirit and terms of tthe Click-Through Agreement (the 'Agreement')." That letter goes on to claim "Such disclosure is not authorized by the Agreement, would constitute a violation of the Agreement and would subject your research team to enforcement actions under the DMCA and possibly other federal laws."

As a result of this and other threats against members of the team, their employers, and the conference organizers, the Information Hiding Workshop and the Felten research team decided to withdraw the paper from the conference. The series of threats and the withdrawal of the paper are described in the sworn Declaration of Dr. Edward Felten in the case of Felten et al. v. RIAA et al. discussed below. Instead of his scheduled presentation, Dr. Felten read a brief statement explaining that his team's scientific publication had been cancelled as a result of threats from members of the SDMI Coalition. Also at about this time other documents were suppressed; for instance, Dr. Min Wu was forced to remove a chapter from the Web posting of her Doctoral dissertation, as described in her own Declaration in the same court case. As usual in such cases, something alleged to be the suppressed paper was immediately leaked and mirrored at numerous sites worldwide.

The idea that corporations could suppress scientific work they find inconvenient naturally incensed members of the scientific community and the public. In an apparent attempt to minimize the damage to their reputation, the RIAA issued a press statement in which they claimed (http://www.riaa.org/PR_Story.cfm?id=407) never to have threatened Felten et al.. After the extensive history of threats already documented, that statement hardly seemed reassuring, and the researchers began a lawsuit of their own against the RIAA, SDMI, and various other parties, seeking a declaratory judgment and injunctive relief allowing them to publish their work in the future without fear of lawsuits. Declarations supporting this suit have been filed by such luminaries as Alan Cox, of the Linux kernel development team; Bruce Schneier, the author of one of the standard reference works on cryptography; and the Association for Computing Machinery, a major professional organization for computer scientists. As the lawsuit progressed, the Felten team also did present substantially the same work on August 15, 2001 at the 10th USENIX Security Symposium in Washington, D.C., U.S.A.

This case, like the Sklyarov case, is ongoing as of this writing, and further developments will doubtless occur before the September 15 comment process submission deadline. Based on the case up to the present time, we should like to draw attention to the following points:

SDMI, should it be successful, could endanger fair dealing and give members of the Coalition a monopoly on audio playback equipment.

The SDMI Coalition invited the entire network community, including Dr. Felten and his team, to analyse the security of the technologies in question.

The SDMI DRM technologies were found to be patheticly insecure.

The SDMI Coalition was successful in suppressing the research results of Felten et al. by a series of threats which they later denied making.

The suppressed results consisted solely of an academic paper, with no software or other "circumvention devices" involved. Moreover, no specific copyrighted work was reverse engineered; the results were based solely on examination of the example files provided in the challenge. Thus, the threats were predicated on the assumption that words in English, and those alone, could constitute a "circumvention device".

The results, despite being withdrawn from the conference, were soon available on the World Wide Web.

There was widespread support from the scientific community for the countersuit against SDMI.

The Mathworld Web site, available most recently through the site of Wolfram Research, was a good example of the unique opportunities for public participation offered by the Internet. Mathworld was a sort of encyclopaedia of mathematics, with thousands of articles covering all aspects of the discipline. It was maintained by Dr. Eric Weisstein, originating in a collection of his own notes on various mathematical topics and then expanded with articles and references contributed by readers all over the world.

In 1997, Dr. Weisstein entered into a contract with CRC Press, a major academic publisher, to publish a book called The CRC Concise Encyclopedia of Mathematics, derived from his Web site. (http://mathworld.wolfram.com/docs/WeissteinBookContract.html) The contract transferred to CRC Press the copyright privileges on the book, which is described as "approximately 1400 camera-ready manuscript pages". The Web site (at that time called "Eric's Treasure Trove of Mathematics") remained online.

We shall only summarize the events that unfolded during the next several years. The "Treasure Trove" Web site continued to develop, with the addition of further contributions from the general public. Dr. Weisstein entered into another contract with CRC Press, to publish a CD-ROM based on the contents of the Web site (now updated beyond the material in the printed book). For some time, the Web site was restricted, with various sections disabled on a rotating basis, in order to encourage users to buy the book or CD-ROM instead. Despite price increases and a minimum of advertising and promotion from CRC Press, the book continued to sell well, apparently due to its exposure on the Web site. In 1999, Dr. Weisstein began working for Wolfram Research, a company best known for its "Mathematica" symbolic algebra environment. Shortly thereafter, he moved the "Treasure Trove" Web site to a server operated by his new employers and gave it a new name: MathWorld. Dr. Eric Weisstein and Wolfram Research were promptly sued for copyright infringement by CRC Press, in the U.S. District Court for the Southern District of Florida. (The case was later transferred to Central District of Illinois.)

The lawsuit appears to be based on a claim that instead of the book being derived from the Web site, as described above; or the current Web site and the book both being derived from some previous Web site, another reasonable theory; instead the current Web site was derived from the book. Since the Web site existed, albeit in a much more primitive form, long before the book was conceived, that claim seems questionable. Taking it as a fiction, if the claim were true, CRC Press might be able to claim copyright privileges on the Web site under the contract language which assigns to them privileges on "derivative works" from the book; and that is the basis of their lawsuit. Despite the specification in the contract that the work being licensed consisted of camera-ready manuscript pages, CRC Press claims that the electronic posting was part of what they bought.

However, the case may also implicate other legal issues, including thorny questions of contract law which could decide the case without ever referencing "new media" copyright. Because of irregularities and ambiguities in the contract, it is not at all obvious what privileges CRC Press can claim. Consider, for instance, the following quote taken directly from the contract:

The Publisher's exclusive rights include, without limitation, the right to reproduce, publish, sell, and distribute copies of the Work, selections therefrom, and translations and other derivative Works based upon the Work, in print, audio-visual, electronic, or by any and all media now or do hereafter known or devised, and the right to license or authorize others to do any or all of the foregoing throughout the world. The Publisher will register copyright in the Work in the name of the Publisher in compliance with the United States Copyright Law. If the Publisher supplies artwork (including artwork for the cover of the Work), it may register copyright separately therein in a manner satisfactory to the Publisher. visual, electronic, or by any and all media now or hereafter known or devised, and the right to license or authorize others to do any or all of the foregoing throughout the world. The Publisher will register copyright in the Work in the name of the Publisher in compliance with the United States Copyright Law.

It is especially unfortunate that that bizarre repetition and sentence fragment, apparently caused by a last-minute substitution of a revised page without updating other pages, should involve the critical "derivative works" language. Not, of course, that any part of such a contract could safely be disarranged; every clause is important. These kinds of issues are discussed at length in the archive of court documents and other material available via the (http://mathworld.wolfram.com/docs/legal.html) Wolfram Web site.

The plaintiffs demanded a preliminary injunction shutting down the MathWorld Web site, and after the usual round of filings from both sides, (http://www.ilcd.uscourts.gov/00-2262.pdf) such an injunction did issue. The Web site was shut down on October 23, 2000, and replaced by a short note explaining that the site was closed due to court order. This news was greeted with outrage by the mathematicians, many of them students, who used MathWorld. The following quote, typical of the mathematical community's reaction to the preliminary injunction, is from the present author's October 25, 2000 (http://ansuz.sooke.bc.ca/crcpress.txt) letter to CRC Press:

You have squandered my goodwill with your lawsuit against Eric Weisstein and his MathWorld Web site at http://mathworld.wolfram.com/. I can no longer in good conscience buy or recommend your products; nor would I be likely to consider CRC Press as publishers for my own work.

As of the present writing in August 2001, the site remains closed. The court case has been suspended since December 7, 2000 (a period of more than eight months), with mediation supposedly in progress. Little or no information is publicly available regarding the current status of any such mediation. As usual in such cases, "mirrors" of the removed material are still available on the Net, but (partly because of successful anti-mirroring measures undertaken before the site was removed, and perhaps also because the ethical issues are unclear) the mirrors are much harder to find than, for instance, mirrors of cp4break.zip.

For the purposes of the present submission, these are the points we wish to highlight about the MathWorld case:

It is not clear whether the publishing contract, a standard one used by CRC Press for publishing many printed books, did or did not apply to the Web site.

The existence of a "making available" privilege might have made the case easier to adjudicate: the Web site would appear to fall into the category of "making available" and so the dispute could focus on whether that privilege was one of the ones in the contract, instead of having to visit the more difficult question of whether the Web site was the same "work" as the book.

The preliminary injunction, a practice designed for temporary suspension of legally disputed activities in a judicial emergency, has now resulted in the shutdown of the Web site for more than eight months, with no end in sight. Imagine how much worse this situation could be in a "notice and take-down" regime.

The cp4break, Sklyarov, and DeCSS cases all involved circumvention of DRM technology embodied in copyrighted computer software. As we have already described, software is a form of expression, necessarily a rather intangible thing. In the SDMI Challenge case, the technology being circumvented was embodied in something even more intangible: Dr. Felten and his team were threatened for circumventing the very mathematical ideas of a DRM system. Ideas, of course, are not subject to copyright at all, although they may be subject to patent.

We now consider a case where something rather more tangible was circumvented. This case involves a device called a ":CueCat" (the colon is part of the name) produced by a U.S. company called Digital Convergence. A :CueCat is a plastic device shaped like a stylized cartoon cat. At one end is a cable through which it can be attached to a computer's keyboard port; at the other end is a bar code reader. These devices were intended to be distributed at no charge in Radio Shack stores and with some magazines.

The Radio Shack catalogues were printed with special bar codes, one for each product depicted. Some advertisements in the magazines also bore the codes. Consumers could swipe the barcode symbols with their :CueCats, and (by means of software supplied on a CD-ROM) that would cause their computers to automatically connect to the Web and download further advertising for the products. The :CueCats could also read the familiar Universal Product Code (UPC) symbols printed on most consumer goods (the same ones used by supermarket check-out scanners), so a consumer could swipe almost anything and get to a Web page describing the thing.

Digital Convergence planned to cover the cost of the freely-distributed barcode scanners, and make a profit, by selling advertising space on the Web pages brought up through the system. They also had plans for extending it to include, for instance, audible "cues" embedded in radio and television advertising. Although they did not advertise this fact, it was also true that every :CueCat had a serial number which was sent with each page request, so Digital Convergence was able to construct a database of exactly which products were of interest to the owner of each :CueCat, and sell the results to marketers. That database raised serious privacy concerns, especially when a security hole allowed intruders to break into the Digital Convergence computers and copy the database.

The :CueCat system was regarded as a fairly stupid idea by reviewers. It was typical of the kind of idea that attracted venture capital in the "dot-com bubble" days of the late 1990s, only to crash and burn when investors began looking for real profits. However, many hobbyists were pleased by the availability of free barcode scanners. A barcode scanner is a useful thing to have attached to one's computer; not as a way to view additional advertising, but for other purposes. For instance, almost every published book bears an extended UPC barcode giving its International Standard Book Number (ISBN). One could catalogue a home library relatively painlessly by just scanning all the books with a :CueCat and looking up the ISBNs in an online database.

So hobbyists undertook to find ways to use :CueCats for their own purposes. Rather than installing the provided software, one group of hobbyists simply connected a :CueCat to a computer, swiped some bar codes, and captured and analysed the signals the device sent to the computer. Noteworthy is that they did not disassemble or otherwise "attack" the :CueCat in order to do this, and they did not open the package containing the Digital Convergence software (thereby arguably invoking the "shrink-wrap" license agreement on that software). Since the :CueCat was offered as a free gift, it would appear that these actions could not possibly be in violation any privileges held by Digital Convergence.

Nonetheless, on August 30, 2000, the New York law firm of Kenyon and Kenyon, representing Digital Convergence, sent an oddly-worded letter ((http://nc.flyingbuttmonkeys.com/useofthingsyouownisnowillegal/letter-1.jpg) Page 1, (http://nc.flyingbuttmonkeys.com/useofthingsyouownisnowillegal/letter-2.jpg) Page 2) to some of the hobbyists, full of vague but obviously hostile rhetoric such as "[C]ertain services/information being offered [. . .] are in conflict with intellectual property rights owned by Digital Convergence." and "The longer that Flyingbuttmonkeys.com continues its improper activities, the longer damages will accrue." When invited to explain exactly what intellectual property privileges were being violated (for instance, in a (http://nc.flyingbuttmonkeys.com/~rothwell/kenyon.pdf) September 7, 2000 letter from Michael Rothwell), the law firm responded with (http://nc.flyingbuttmonkeys.com/images/kenyon-reply.jpg) a second letter that failed to answer the question but repeated the vague claim of some sort of intellectual property infringement. Some quotes from that letter:

We observe that your Web site continues to post material that infringes upon the intellectual property rights of our client, Digital Convergence. [. . .] We request that you remove immediately those portions of the Web site that contain unauthorized or illegal misappropriations of Digital Convergence's intellectual and proprietary rights, or which assist or induce others to do so. We will continue to monitor your Web site's activities and take all appropriate actions, if necessary.

So although Digital Convergence was willing to claim some intellectual property privileges, and hire lawyers to defend them, they were unwilling to explain exactly what privileges they claimed. Some light could be shed on the scope of Digital Convergence's claims by the following quotes from the :CueCat (http://www.crq.com/web/compinfo/compinfo_templ.cfm?view=enduser) license agreement:

You agree to the terms and conditions of this license by performing ANY OF THE FOLLOWING ACTIONS: (1) using the :CRQ software; (2) using the :CueCat reader (3) pressing the "agree" button below; OR (4) printing out a copy of the agreement, signing the agreement and returning a copy to Digital:Convergence(TM).

[. . .]

The :CueCat reader is only on loan to you from Digital:Convergence and may be recalled at any time. Without limiting the foregoing, your possession or control of the :CueCat reader does not transfer any right, title or interest to you in the :CueCat reader. Except as expressly permitted in this License, you may not reverse engineer, disassemble, modify, rent, lease, loan, sublicense, or distribute the :CueCat reader. In any event, you will notify Digital:Convergence of any information derived from reverse engineering or such other activities, and the results thereof will constitute the confidential information of Digital:Convergence that may be used only in connection with the :CRQ software and :CueCat reader.

[emphasis added]

That Digital Convergence was willing to issue threats to a wide range of people in defense of these kinds of claims is well documented on Web sites like that of (http://nc.flyingbuttmonkeys.com/useofthingsyouownisnowillegal/) Michael Rothwell. More vague posturing can be seen in comments they submitted to Slashdot. The theory apparently underlying the claims is remarkable: Digital Convergence says that they can give consumers :CueCats for free, but still own the :CueCats and exercise contractual obligations over the recipients, even though the recipients never agreed to any such obligations except implicitly by using the devices. That goes far beyond the already-questionable "shrink-wrap" and "click-wrap" license agreement concepts, where consumers supposedly "agree" to legally binding license terms merely by opening diskette packages or clicking on Web links.

When the scanners were distributed at Radio Shack, recipients were told that the devices were free gifts. The license agreement existed only on the accompanying CD-ROM, which many users never opened. Nonetheless, the agreement was claimed to be binding on users of the :CueCat scanners. Some hobbyists have claimed that in the case of the scanners distributed with magazines, such a contract violates U.S. law, specifically the United States Code, Title 39, section 3009, which stipulates that any unordered merchandise sent by mail may be treated as a free gift by the recipient.

This case developed oddly because before any of the threats could escalate to legal action, Digital Convergence's poorly-thought-out business model caught up to them. The company appears to now be in "Chapter 11" bankruptcy protection, no longer pursuing the purported violators of its privileges. In the meantime, all the usual things happened: most of the hobbyists threatened removed their sites from the Web for fear of litigation, others mirrored the content all over the world, and the case became a topic for discussion in online media; for instance, the news site cnet.com ran an interesting article about it. For the present submission, we wish to draw attention to these points:

Digital Convergence claimed to be able to bind consumers to licensing terms just by giving them free barcode scanners.

Such licensing terms may have been illegal under U.S. postal regulations regarding unsolicited merchandise.

Use of the scanners for any but the manufacturer's intended purposes was claimed to be violation of "intellectual property" privileges, although Digital Convergence never deigned to reveal exactly which of their privileges they thought were being infringed.

The intended purpose of the :CueCat scanners threatened privacy rights, due to the collection of an extensive database tying product interests to demographic data.

Despite being vague and legally questionable, the mass mailings were successful in shutting down many hobbyist sites.

Nonetheless, hobbyist-written :CueCat software (for tasks like home library indexing) was and is widely available, even though :CueCat scanners themselves are now hard to find because of the failure of Digital Convergence.

Our last case is not particularly a "new media" case, but it illustrates the fact that copyright overextension affects all forms of work. Margaret Mitchell's novel Gone With the Wind is of course well-known, as is the motion picture of the same name starring Clark Gable and Vivien Leigh. In 2001, the Houghton Mifflin publishing company proposed to publish a novel called The Wind Done Gone, by Alice Randall; a parody of Gone With the Wind written from the slaves' point of view. They were promptly sued by Suntrust Bank, the current holders of the copyright privileges to the Mitchell novel. An extensive archive of court documents is available on the Houghton Mifflin Web site.

The claim of the lawsuit is that the Randall novel is somehow a "derivative work" from the Mitchell novel, and therefore cannot be published without the permission of the Mitchell estate. Such a claim flies in the face of the longstanding protection of parodies as fair dealing (called "fair use" in the U.S.A.). As discussed in the Houghton Mifflin Q&A page for this dispute:

Parody is a cherished form of speech protected by both "fair use" and First Amendment [see also Canadian Charter of Rights and Freedoms] principles. It's allowed as long as it criticizes or in some other way transforms the prior work, and as long as its use of elements from the prior work is reasonably related to its critical purpose. Certainly Randall's book transforms the way we read and remember Gone With the Wind.

Worthwhile commentary on this case is also included in a San Jose Mercury News column of April 24, 2001, by Dan Gillmor. For the present submission, we only wish to emphasize the following point:

Even in the print medium, overextension of copyright privileges can be used to suppress free expression inconvenient to the privilege holders.

The author successfully defended his Master's thesis in Computer Science at the University of Victoria, August 22, 2001. He also holds a B.Sc. in Computer Science and Mathematics Combined, with distinction, from the same institution. In September 2001 he will begin studying towards a Doctorate in Computer Science at the University of Waterloo. The author is the recipient of an NSERC Postgraduate Scholarship, the highest level of scholarship support available to Canadian graduate students. Such scholarships are awarded for academic merit alone, by a tough competitive process.

As well as his thesis, titled Generation of Graphs Embedded on the Torus, and the notorious work on Cyber Patrol described above, this author's academic publications include a paper entitled (http://ansuz.sooke.bc.ca/limdiff.html) A Limited-Diffusion Algorithm for Blind Substring Search , which won the "Best Student Paper" award at the 10th Annual Canadian Information Technology Security Symposium, sponsored by the Communications Security Establishment, the agency of the Federal Government responsible for code-breaking and similar activities. Matthew Skala is also listed as a co-author of (http://www.aft.pfc.forestry.ca/igarss99/SEIDAM_Monitoring.html) a paper presented at the International Geoscience and Remote Sensing Symposium 1999 (IGARSS'99), while he was employed by a Natural Resources Canada research group. In early 2001, he presented a talk on his Master's thesis research at the 32nd Southeastern International Conference on Combinatorics, Graph Theory, and Computing, in Baton Rouge, U.S.A.

This author's electronic publications include numerous short stories (for instance, (http://ansuz.sooke.bc.ca/jpickett.html) The Reverend John Pickett and the damage done, and (http://ansuz.sooke.bc.ca/lei.html) He lei nalu ho`okahi) and a novel entitled (http://ansuz.sooke.bc.ca/crossproduct/) Cross Product; also contributions to the free GNU Privacy Guard security software and many other free software packages. Organizational affiliations include the IEEE (student member), Big Blue and Cousins (a local computer users' club, former Systems Director), and the Victoria Linux Users' Group (founding Secretary). The author has received awards including the Boy Scouts of Canada Chief Scout's Award, the highest award in Scouting; the President's Choice Volunteer of the Month award from Big Blue and Cousins; and the Honorary Teenager award from Peacefire, for work advancing the rights of youth.

This submission is inspired by the author's belief in the goddess Pele, representing the fire of creation. Let that fire stir in each heart touched by these words. This submission is released to the public domain.

As we have described, copyright protection began as a government protection of the printing industry's economic monopoly, justified on the grounds of religious censorship. That is no longer an acceptable justification for protection of copyright privileges. We prefer the more modern idea that copyright is a privilege created to encourage the production of new work. We also note that the concept of copyright as a natural right was never the basis for copyright law. Given that copyright is a bundle of artificial privileges created for policy reasons, any expansion of copyright privileges must be carefully scrutinized. To be acceptable, proposed expansions must truly advance the claimed policy goals, and must also pass Constitutional muster. We note that freedom of expression is Constitutionally protected and intellectual property such as copyright is not; therefore, freedom of expression must come first.

In the context of the present discussion, we consider digital rights management (DRM) and its protection as the most important issues facing Canadian policymakers today. We suggest that no level of legal backing for DRM restrictions is appropriate. DRM exists to enforce the wishes of privilege holders, not the law; and privilege holders may well wish for enforcement of restrictions they are not allowed to enforce under copyright law. DRM also implicates issues of privacy and accessibility for the disabled. We have given numerous case studies of how enforcement of privilege holders' restrictions has lead to public debacles in the U.S.A., especially when the Digital Millennium Copyright Act has been invoked. We urge Canada not to make the same mistakes.

We also note that Internet Service Provider (ISP) liability is a serious concern and has lead to problems both for ISPs and their customers. We are especially interested in the question of liability for Web links to arguably illegal content, and we emphasize the fundamental legal problems inherent in notice and take-down regimes. Plaintiffs should not have the ability to write their own temporary restraining orders without the authority of a judge. In our question and answer section, we give answers to all the points highlighted in the Government Consultation Paper on Digital Copyright Issues. In closing, however, we wish to say again that our most important point is that any legal protection of DRM is inappropriate, as a limit on freedom of expression contrary to the Constitution. Any discussion of copyright must begin and end with freedom of expression.